User`s guide
AT&T Global Network Client for Windows Administrator’s Guide
© 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or
AT&T affiliated companies. All other marks contained herein are the property of their respective owners. Images are shown for illustrative purposes only; individual
experience may vary. This document is not an offer, commitment, representation or warranty by AT&T and is subject to change.
Windows is a registered trademark of Microsoft Corporation in the United States and other countries.
-87-
AT&T Global Network Client Firewall
The AT&T Global Network Client Firewall is a component of the AT&T Global Network Client which
provides basic firewall capabilities. The AT&T Global Network Client Firewall uses the Windows firewall
engine for the firewall and fencing.
The AT&T Global Network Client Firewall provides the following:
• Blocks unsolicited traffic when not connected
• Blocks unsolicited Internet traffic while VPN connected
Overview
The AT&T Global Network Client Firewall is designed to protect a computer as a network firewall. The
AT&T Global Network Firewall is turned off by default.
If it is turned on, either by the end user while not connected, or through central configuration via the
AT&T Service Manager, the AT&T Global Network Client Firewall is active on all network card interfaces
and all Microsoft Remote Access Services WAN/Dial-Up Networking interfaces whenever the workstation
is powered on, regardless of whether there is a current connection to an AT&T network.
The AT&T Global Network Client Firewall monitors IP traffic; if an IP packet received is determined to be
unsolicited
6
by the workstation, it is silently discarded. The AT&T Global Network Client Firewall does not
perform any user notification of unsolicited traffic. If your computer did not request, negotiate, or grant
permission for a connection with another machine, the traffic is silently rejected.
The AT&T Global Network Client Firewall also protects VPN sessions controlled by the AT&T integrated
VPN client. Account administrators define their VPN network resources using an Access Control List (ACL)
(AKA ‘down the tunnel’ network resources) in the AT&T Administration Server. Only traffic destined to
one of the defined ACL resources is routed through the VPN tunnel. A setting in the AT&T Administration
Server controls if non-VPN traffic should route over the Internet or be silently discarded.
OPSWAT Certified Firewall
The AT&T Global Network Client Firewall is certified through the OPSWAT
Certification Program. This certification demonstrates that the AT&T
Global Network Client Firewall is compatible with products from other
market-leading technology vendors. Products carrying OPSWAT
certification follow standards that indicate they will not adversely affect other installed security software.
To learn more, visit the OPSWAT Certification website at http://www.opswat.com/certified
6
The AT&T Global Network Client Firewall monitors new solicitation status as well as tracking port and
SYNC status for current and expired sessions.