1. Home
  2. macOS
  3. How to Configure Firewall for Mac with Hexnode MDM?

How to Configure Firewall for Mac with Hexnode MDM?

The connections between your network ports and applications on your computer can be allowed or blocked by configuring Firewall for Mac with Hexnode MDM. Firewall can obstruct a third party from exploiting the applications on your device.

Turning the Firewall On

To turn on Firewall using Hexnode MDM,

 

  1. Navigate to Policies tab in Hexnode MDM console.
  2. Continue with an existing policy or create a new one by clicking on New Policy.
  3. From macOS > Security, choose Firewall. Click Configure.
  4. Click Enable Firewall.

turning the firewall on with hexnode mdm

Notes:

  • The Firewall cannot be turned off from your Mac device either by removing your device from the Policy Targets or by deleting the associated policy. Instead, you can do it manually from your Mac.
  • Go to System Preferences > Security & Privacy > Turn Off Firewall > Click the lock to prevent further changes.

Enabling Stealth Mode

Are you worried about attackers scanning the ports of your Mac or pinging your machine? Don’t panic. You can easily prevent others from discovering your Mac just by checking the Enable Stealth Mode option using Hexnode MDM.

Enabling Stealth Mode blocks the Mac from responding to probing requests. The incoming requests for authorized apps are still acknowledged by the Mac while unexpected requests such as ICMP (ping) are disregarded.

 

Following steps will outline how to enable Stealth Mode using Hexnode MDM.

  1. Navigate to Policies > New Policy.
  2. Create a new policy from New Policy or continue with an existing policy.
  3. From macOS > Security, choose Firewall. Click Configure.
  4. Click Enable Firewall.
  5. Check the Enable stealth mode option.

enabling stealth mode with hexnode mdm

Note:

If you enable Stealth Mode from the Hexnode MDM console, the users will not be able to manually turn off Firewall from their Mac devices unless you remove the device(s) from the associated policy or delete the concerned policy.

Block all incoming connections

Blocks all incoming network connections except those required for basic internet services, such as DHCP, Bonjour, and IPSec. This option is not recommended, as it highly hinders your activities with your machine.

 

Here are the steps to block all incoming connections.

  1.  Navigate to Policies > New Policy.
  2. Create a new policy from New Policy or continue with an existing policy.
  3. From macOS > Security, choose Firewall. Click Configure.
  4. Click Enable Firewall.
  5. Check Block all incoming connections.

block all incoming connections with hexnode mdm

Note:

If you block all incoming connections using Hexnode MDM, the users will not be able to manually turn off Firewall from their Mac devices unless you remove the device(s) from the associated policy or delete the concerned policy.

Allow/block incoming connections to specific applications

 

You can follow these steps to allow/block incoming connections to your desired applications.

  1. Navigate to Policies > New Policy.
  2. Create a new policy from New Policy or continue with an existing policy.
  3. From macOS > Security, choose Firewall. Click Configure.
  4. Click Enable Firewall.
  5. Click on Allow incoming connections or Block incoming connections as per your requirement.

To add apps,

Click on +Add app > Choose the desired apps > click Done.

If you think that you no longer need some of the apps listed here, you can easily remove them just by clicking the Delete button. You can also choose the Remove all option to discard the selection of all apps.

allow/block incoming connections to specific applications with hexnode mdm

Notes:

  •  The list of blocked apps won’t be removed from your Mac device either by removing your device from the Policy Targets or by deleting the associated policy. Instead, you can do it manually from your Mac.
  • Go to System Preferences > Security & Privacy > Firewall Options > Select the apps to be unblocked > Click  button > Click Ok > Click the lock to prevent further changes.

How to associate Firewall settings to a Mac Device?

If you’ve not saved the policy yet, you can

  1. Go to Policy Targets.
  2. Click on + Add Devices.
  3. Choose the devices with which the policy needs to be associated.
  4. Click OK when you are done adding the devices.

You can also associate policies to device groups, users, user groups or domains from the left pane underneath the Policy Targets tab.

If you are on a page that lists the policies,

  1. Check a policy.
  2. From Manage, select Associate Targets.
  3. Select the required devices and click Associate.
  •  
  •  
  •  
  •  
  •  

Was this article helpful?

Related Articles

Leave a Comment