Getting started with the firewall

Note Sophos Client Firewall will be retired on 30 June 2021.

When the firewall is first installed, you may need to configure it. Whether you need to do this depends on how it has been installed. There are two types of installation:

  • Installed on a network computer and managed from a management console
  • Installed on a standalone computer and managed from the computer

Firewall managed from a management console

If the firewall is installed and managed from a management console, it allows or blocks applications and traffic according to rules set by policy.

Unless the policy has put the firewall into interactive mode (see below), you will not be prompted with any messages and do not need to configure the firewall in any way.

Firewall managed from this computer

If the firewall is managed on this computer, we recommend that you start by creating rules to allow network access for common applications and services such as Web browsers and email clients.

For information on creating rules, see About configuring the firewall.

The firewall will also initially be in interactive mode (see below). Leave the firewall in interactive mode for a period of time so that you can allow or block other applications and services you use.

Once you have configured the firewall, and it recognizes the applications you commonly use, we recommend that you change to one of the non-interactive modes.

For information, see Change to a non-interactive mode.

What's interactive mode?

In interactive mode, the firewall prompts you to allow or block any applications and traffic for which it does not have a rule.

For information about how to deal with messages from the firewall, see About interactive mode.

On Windows 8 and later, interactive mode is not available. You must add specific policy rules to allow or block applications. Alternatively, you can use the event viewer in the management console to manage application rules interactively.