Firewall: Firewall Settings

A Firewall Settings configuration sets the Global and Network settings for the Windows Defender Firewall to prevent unauthorized connections from the internet or other networks to your enterprise network. Do this when:

Global

| Global Details | Description |
| --- | --- |
| Disable Stateful FTP | Specify the stateful File Transfer Protocol (FTP) switch. When off, the firewall performs stateful FTP filtering to allow secondary connections. When on, stateful FTP is disabled. |
| Enable Packet Queue | Specify how scaling for the software on the receive side is enabled for both the encrypted receive and the clear text forward path for the IPsec tunnel gateway scenario. This also preserves packet order. The value is an integer that is interpreted as a combination of flags. |
| Preshared Key Encoding | Specify the preshared key encoding for the firewall. |
| Security association idle time | Specify the security association idle time, in seconds. Security associations are deleted after no network traffic is identified for the specified period of time. This value must be within 300 to 3,600 seconds, inclusive. |
| IPsec Exceptions | Specify protocols to include in the IPsec exceptions for the firewall. |

Network

| Network Details | Description |
| --- | --- |
| Enable Domain/Private/Public Network Firewall | Enable to configure the type of firewall. This is the firewall and advanced security enforcement switch. When off, no network traffic is blocked by the server, regardless of any other policy settings. |
| Default Inbound Action | Specify the default firewall action on inbound connections. The default is the block action. |
| Default Outbound Action | Specify the default firewall action on outbound connections. The default is the block action. |
| Global Ports Allow User Pref Merge | Specify the behavior for global port firewall rules. When off, no global port firewall rules in the local store are enforced. This setting is itemized in the Group Policy store or the GroupPolicyRSoPStore. |
| Allow Local Policy Merge | Specify the behavior for the local policy merge. When off, the firewall rules from the local store are not applied. |
| Allow Local IPsec Policy Merge | Specify the behavior for the local IPsec policy merge. When off, no connection security rules from the local store are enforced, regardless of schema and connection security rule versions. |
| Auth Apps Allow User Pref Merge | Specify the behavior for the application firewall rules. When off, no authorized application firewall rules from the local store are enforced. |
| Shielded | Specify the behavior for shielding. When on, EnableFirewall is also on, meaning all incoming traffic is blocked from the server regardless of other policy settings. |
| Disable Inbound Notifications | Specify the behavior for inbound notifications. When off, the firewall can display a notification to users when an application is blocked from listening on a port. When on, notifications are not displayed by the firewall. |
| Disable Stealth Mode | Specify the behavior for stealth mode. When off, the server operates in stealth mode. When on, the server disables stealth mode in the firewall rules. |
| Disable Stealth Mode IPsec Secured Packet Exemption | Specify the behavior for stealth mode IPsec secured packet exemption. This option does not apply if DisableStealthMode is on. When on, and the given network traffic is secured by IPsec, the firewall's stealth mode rules do not prevent the host computer from responding to unsolicited network traffic. |
| Disable Unicast Responses To Multicast Broadcast | Specify the behavior for logging successful inbound connections. When on, the firewall logs all successful inbound connections. Specify the behavior for unicast responses to multicast broadcast. When on, unicast responses to multicast broadcast traffic are blocked. |
| Log Dropped Packets | Specify the behavior for logging dropped packets. When on, all dropped packets are logged by the firewall. |
| Log Ignored Rules | Specify the behavior for logging ignored rules. When on, the server can use this value to control logging of events when a rule is not enforced. |
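
Several of the settings above override or cancel one another, so a configuration is easier to review with a check that applies those interactions in order. The following is an added example, not part of the product or of the original page: the dict layout, the shortened key "Enable Network Firewall", the function audit_profile and the finding codes are assumptions, and the sample profiles are constructed.

```python
# Added example. Keys are the setting labels from the Network table above; the
# dict layout, audit_profile() and the finding codes are assumptions.
MERGE_SETTINGS = (
    "Allow Local Policy Merge",
    "Allow Local IPsec Policy Merge",
    "Global Ports Allow User Pref Merge",
    "Auth Apps Allow User Pref Merge",
)

def audit_profile(name, s, sa_idle_seconds):
    """Return (profile, code, detail) findings for one network profile."""
    out = []
    add = lambda code, detail: out.append((name, code, detail))
    # Global table: idle time must be within 300 to 3,600 seconds, inclusive.
    if not 300 <= sa_idle_seconds <= 3600:
        add("SA_IDLE_RANGE", f"{sa_idle_seconds}s is outside 300-3600")
    # Enforcement switch: when off, nothing below is enforced.
    if not s["Enable Network Firewall"]:
        add("FIREWALL_OFF", "no traffic is blocked, other settings are moot")
        return out
    if s["Shielded"]:
        # Shielded blocks all incoming traffic regardless of other settings.
        if s["Default Inbound Action"] != "block":
            add("INBOUND_OVERRIDDEN", "Shielded overrides the inbound default")
    elif s["Default Inbound Action"] != "block":
        add("INBOUND_ALLOW", "unmatched inbound connections are allowed")
    for key in MERGE_SETTINGS:
        if s[key]:
            add("LOCAL_MERGE", f"{key}: local-store rules are enforced")
    if s["Disable Stealth Mode"]:
        add("STEALTH_OFF", "stealth mode is disabled")
        if s["Disable Stealth Mode IPsec Secured Packet Exemption"]:
            add("EXEMPTION_IGNORED", "exemption does not apply with stealth off")
    if not s["Log Dropped Packets"]:
        add("NO_DROP_LOG", "dropped packets are not logged")
    return out

# Constructed sample profiles (not taken from a real deployment).
HARDENED = {
    "Enable Network Firewall": True, "Shielded": False,
    "Default Inbound Action": "block", "Disable Stealth Mode": False,
    "Disable Stealth Mode IPsec Secured Packet Exemption": False,
    "Log Dropped Packets": True, **dict.fromkeys(MERGE_SETTINGS, False),
}
WEAK = {**HARDENED, "Default Inbound Action": "allow",
        "Allow Local Policy Merge": True, "Disable Stealth Mode": True,
        "Disable Stealth Mode IPsec Secured Packet Exemption": True,
        "Log Dropped Packets": False}

if __name__ == "__main__":
    for finding in audit_profile("Public", WEAK, 120):
        print(*finding, sep=" | ")
```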