11-27-2023 12:16 PM
Hi everyone, I'm new user of cortex.
I need your help to use Host Firewall on Cortex for block RDP coneccions and permit only some groups,
I can block it using port, but I need allow conexion for IT group, i created two rules, one blocked RDP ports on both directions for everybody and the other allow traffic, and the target of second policy is just for IT groups. the second rule is at the top but. This not workings...
I need integrate other app like cloud identity engine or I can do it only with cortex?
thanks you for your help with this topics
Best!
11-27-2023 02:47 PM
Hello Rolando_Pena,
Please confirm that you don't have any 'allow' rules that might be conflicting, and that the policy is correctly targeting the agent/endpoints that you're testing. I suggest assigning a different profile to the policy for the IT group that is allowed access, and the endpoints that you are testing, then confirm the agent has checked in to receive the policy configuration.
You may enable "Report Matched Traffic" for troubleshooting:
If you found this answer helpful please select Accept as Solution.
Thank you
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
