{"id":76930,"date":"2023-05-24T16:18:24","date_gmt":"2023-05-24T20:18:24","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&p=76930"},"modified":"2024-01-30T15:58:27","modified_gmt":"2024-01-30T20:58:27","slug":"create-mac-local-firewall-controls-policy","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy","title":{"rendered":"Create a Mac Local Firewall Controls Policy"},"content":{"rendered":"\n

The Local Firewall Control Policy for macOS helps you enforce and modify the behavior of a  local firewall. A firewall protects your devices against malicious or unnecessary network traffic.<\/p>\n\n\n\n

To create a macOS Local Firewall Controls policy<\/strong>:<\/p>\n\n\n\n

    \n
  1. Log in to the Admin Portal: https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n
  2. Go to DEVICE MANAGEMENT > Policy Management<\/strong>.<\/li>\n\n\n\n
  3. Under the All<\/strong> tab, click (+<\/strong>).<\/li>\n\n\n\n
  4. On the New Policy panel, select the Mac<\/strong> tab.<\/li>\n\n\n\n
  5. Select the Local Firewall Controls<\/strong> policy from the list, then click configure<\/strong>.<\/li>\n\n\n\n
  6. (Optional) In the Policy Name<\/strong> field, enter a new name for the policy or keep the default. Policy names must be unique.<\/li>\n\n\n\n
  7. (Optional) In the Policy Notes<\/strong> field, enter details like when you created the policy, where you tested it, and where you deployed it.<\/li>\n\n\n\n
  8. Select Enable Firewall<\/strong> to configure the firewall. You must select this field to enable any additional fields.<\/li>\n\n\n\n
  9. Select Block All Incoming Connections<\/strong> to block all new incoming network requests and to enable Stealth Mode.<\/li>\n\n\n\n
  10. Select Enable Logging<\/strong> to create log files. This information is stored in \/var\/log\/alf.log<\/code> and \/var\/log\/appfirewall.log<\/code> files. This field is available only for devices running macOS 12 Monterey or later.\n
      \n
    • (Optional) If you selected Enable Logging, select Enable Private Data Collection<\/strong> to identify private information about the user or computer at the time of the log entry. You might want to advise your users that private data is being collected.<\/li>\n\n\n\n
    • (Optional) If you selected Enable Logging, choose the type of logging you want to collect:\n
        \n
      • Throttled<\/strong> – Log only the minimum data associated with events.<\/li>\n\n\n\n
      • Brief<\/strong> – Log a single line item for each firewall action with moderate detail.<\/li>\n\n\n\n
      • Detail<\/strong> – Send all details that are collected.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n

        <\/p><\/div>

        Tip:<\/strong> \n

        This field is available only for devices running macOS 12 Monterey or later.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n

          \n
        1. Select\u00a0Enable Stealth Mode<\/strong>\u00a0to make it more difficult for other devices on your network, friend or foe, to locate your Mac. This\u00a0setting can also be enabled via Apple\u2019s\u00a0System Settings > Privacy & Security<\/strong>.\u00a0\"\"<\/li>\n<\/ol>\n\n\n\n
            \n
          1. (Optional) Select the Device Groups<\/strong> tab. Select one or more device groups where you’ll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.<\/li>\n\n\n\n
          2. (Optional) Select the Devices<\/strong> tab. Select one or more devices where you’ll apply this policy.<\/li>\n\n\n\n
          3. Click save<\/strong>.<\/li>\n\n\n\n
          4. If prompted, click save<\/strong> again.<\/li>\n\n\n\n
          5. After applying the policy, the user must log out and log back in on the device for the changes to take effect.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

            The Local Firewall Control Policy for macOS helps you enforce and modify the behavior of a  local firewall. A firewall […]<\/p>\n","protected":false},"author":201,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2925,2852,3082],"support_tag":[],"coauthors":[2835],"acf":[],"yoast_head":"\nCreate a Mac Local Firewall Controls Policy - JumpCloud<\/title>\n<meta name=\"description\" content=\"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Create a Mac Local Firewall Controls Policy\" \/>\n<meta property=\"og:description\" content=\"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-30T20:58:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"alexsnyder\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy\",\"url\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy\",\"name\":\"Create a Mac Local Firewall Controls Policy - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png\",\"datePublished\":\"2023-05-24T20:18:24+00:00\",\"dateModified\":\"2024-01-30T20:58:27+00:00\",\"description\":\"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Create a Mac Local Firewall Controls Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Create a Mac Local Firewall Controls Policy - JumpCloud","description":"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy","og_locale":"en_US","og_type":"article","og_title":"Create a Mac Local Firewall Controls Policy","og_description":"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.","og_url":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy","og_site_name":"JumpCloud","article_modified_time":"2024-01-30T20:58:27+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes","Written by":"alexsnyder"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy","url":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy","name":"Create a Mac Local Firewall Controls Policy - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png","datePublished":"2023-05-24T20:18:24+00:00","dateModified":"2024-01-30T20:58:27+00:00","description":"You can create a Mac Local Firewall Control policy to enforce and modify the behavior of a \u00a0local firewall used to protect your devices against malicious or unnecessary network traffic.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/Mac_LocalFirewallControls_policy.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/create-mac-local-firewall-controls-policy#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Create a Mac Local Firewall Controls Policy"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76930"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/201"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76930\/revisions"}],"predecessor-version":[{"id":104560,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76930\/revisions\/104560"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=76930"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=76930"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=76930"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=76930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}