Skip to content

Firewall configuration (macOS device policy)

With the Firewall configuration you define settings for the application firewall included in macOS.

Setting Description
Turn on application firewall The application firewall is turned on.
Block all incoming connections Sharing services, such as File Sharing or Screen Sharing, are not allowed to receive incoming connections.

This does not affect the following system services:

  • configd (DHCP and other network configuration services)
  • mDNSResponder (Bonjour)

  • racoon (IPSec)
Use stealth mode The computer ignores unexpected requests, such as ping requests.
Automatically allow built-in apps Built-in apps, such as iTunes, are added to the list of apps allowed to receive connections.

You can’t turn this setting off.

Automatically allow signed downloaded apps Apps signed by a valid certificate authority are added to the list of apps allowed to receive connections.

You can’t turn this setting off.

Allowed connections An app group containing apps allowed to receive connections.

For other apps, users can choose to allow or deny a connection.

Denied connections An app group containing apps not allowed to receive connections.

For other apps, users can choose to allow or deny a connection.