Allow applications to launch hidden processes
If you use role-based administration:
- You must have the Policy setting - firewall right to configure a firewall policy.
- You cannot edit a policy if it is applied outside your active sub-estate.
For more information, see Managing roles and sub-estates.
An application sometimes launches another hidden process to perform some network access for it.
Malicious applications can use this technique to evade firewalls: they launch a trusted application to access the network rather than doing so themselves.
To allow applications to launch hidden processes, follow these steps.
Note This option is not available on Windows 8 and later as it is handled automatically by the
Sophos Anti-Virus HIPS technology.
If you enable interactive mode, the firewall can display a learning dialog on the endpoint computer when it detects a new launcher. For details, see Enable interactive mode. The interactive mode is not available on Windows 8 and later.