Firewall Management

alexjdale
Valued Contributor III

We're investigating firewall capabilities for the Mac and I'd like to get some input or feedback from the community.

Is it possible to lock down the native firewall so that even admin users cannot disable it (via managed preferences, I would assume)? If we need to go the third party route for a managed solution, has anyone had a good experience with firewall applications?

1 REPLY 1

krichterjr
Contributor
Contributor

Just a word of caution that I've been having issues with the CL (/usr/libexec/ApplicationFirewall/socketfilterfw) for Apple's application firewall. I have an open ticket with Apple right now and I've seen other post similar experiences. Here's a link to one

https://jamfnation.jamfsoftware.com/discussion.html?id=7329

I can add and remove applications ok but blocking and unblocking doesn't seem to work in 10.8 or 10.9. Maybe you will have a different experience but do some testing before you put a lot of time into it.

As far as locking it down from admin users I know there are a few 'exploits' to bypass any restrictions you set up so I don't believe you will be able to stop admin users from turning it off if they really want to. Of course you could annoy them by having a policy continue to check if it's on or not and turn it on if they have turned it off.

Hope that helps