|Operating Systems||WARP mode required||Zero Trust plans|
|macOS, Windows||WARP with Gateway||All plans|
The Firewall device posture attribute ensures that a firewall is running on a device.
Enable the firewall check
- In Zero Trust, go to Settings > WARP Client.
- Scroll down to WARP client checks and select Add new.
- Select Firewall.
- Enter a descriptive name for the check.
- Select your operating system.
- Turn on Enable firewall check.
- Select Save.
Next, go to Logs > Posture and verify that the firewall check is returning the expected results.
How WARP checks the firewall status
Operating systems determine Firewall configuration in various ways. Follow the steps below to understand how the WARP client determines if the firewall is enabled.
macOS has two firewalls: an application-based firewall and a port-based firewall. The WARP client will report a firewall is enabled if either firewall is running.
- Open System Preferences and go to Security & Privacy.
- Verify that Firewall is set to On.
sudo /sbin/pfctl -s info.
- Look for the value of Status which must be Enabled.
- Open a Powershell window.
- Run the
Get-NetFirewallProfile -Name Publiccommand to check the Firewall status of your public interface.
- Look for the value of Enabled which must be set to True.