Create Firewall Rule
Create a Firewall Control rule for a scope specified by ID (run "accounts", "sites", "groups", or set "tenant" to "true") and specific OS, to allow or block network traffic to matching endpoints. You can create one clean-up rule, with the Action of Allow or Block and with no other parameters defined explicitly. Make this the default rule at the end of your rule list. Traffic that does not match other rules first will match this rule. If you do not have a clean-up rule to match all traffic, the default Firewall Control behavior is to allow traffic that is not explicitly blocked. Firewall Control requires Control SKU.
Parameters
| Parameter | Description |
|---|---|
| Data | The rule's data. For more information visit: https://your-subdomain.sentinelone.net/api-doc/api-details?category=firewall-control&api=create-firewall-rule |
| Filter | A scope specified by ID (run "accounts", "sites", "groups", or set "tenant" to "true") and specific OS, to allow or block network traffic to matching endpoints. For more information visit: https://your-subdomain.sentinelone.net/api-doc/api-details?category=firewall-control&api=create-firewall-rule |
Workflow Library Example
Create Firewall Rule with Sentinelone and Send Results Via Email
Preview this Workflow on desktop