Sophos Client Firewall: how to configure it as a packet filtering firewall

To run the Sophos Client Firewall just as a packet filtering firewall, you must switch off scanning for hidden process launchers.

The Allow Hidden Processes option, which is not visible to the user, must be set to 'True',  to ensure that the firewall does not block the processes which Allow Hidden Processes launches.

What to do

1. Go to the shared CID folder and locate the Configuration.conf file inside SAVSCFXP\scf\commonappdata\sophos\sophos client firewall\configuration.conf. Make a copy of this file.
2. Go to the computer which has Enterprise Console installed on it, and create a new firewall policy.
3. In the new firewall policy, on the General tab, in the Managing Configuration section, click on the 'Import' button.
4. Locate the file, Configuration.conf, which you made a copy of above, and choose to import it
5. When prompted choose to:
   • Load the general configuration
   • Load the global and application rules
   • Overwrite
6. This has now created a new policy where the Allow Hidden Processes option is set to 'True'.
7. Now add the rest of your policy, and apply it to your client computers.