User`s guide

AT&T Global Network Client for Windows Administrator’s Guide
© 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or
AT&T affiliated companies. All other marks contained herein are the property of their respective owners. Images are shown for illustrative purposes only; individual
experience may vary. This document is not an offer, commitment, representation or warranty by AT&T and is subject to change.
Windows is a registered trademark of Microsoft Corporation in the United States and other countries.
-89-
Figure 43: Firewall Settings Window
Allowing a user to turn the AT&T Global Network Client Firewall off when not VPN connected may be
useful in environments that use enterprise management software to manage computers on a customer
LAN since the firewall prevents the management software from having unsolicited access to the target
machine.
The AT&T Global Network Client Firewall Settings window can be accessed by clicking the Microsoft
Windows Start Menu, mouse over All Programs, click AT&T Global Network Client, and click Firewall
Settings. The Firewall Settings application can only be open when the AT&T Global Network Client
application is not running.
Customer Account Administrators can customize their AT&T Global Network Client installation to prevent
the Firewall Settings window from being installed. Refer to the Customizations Chapter on page 48 of
this guide for more information.
Whether users can modify the options on the Firewall Settings window can be controlled through the
‘User Controlled Firewall’ setting in the AT&T Administration Server. When the ‘User Controlled
Firewall’ setting is set to ‘N’, the radio buttons on the Firewall Settings Window will be disabled and the
user may view, but not change, the current state of the AT&T Global Network Client Firewall. Refer to
Appendix A on page 103 of this guide for additional information about settings available in the AT&T
administration server.
Managed VPN Access Control Lists
The only exceptions to the static firewall policy of denying all unsolicited traffic exist when there is an
active Managed VPN Service connection. When VPN connected, the firewall does not block VPN traffic.
With an active VPN connection, users receive all VPN traffic, solicited or unsolicited. Administrators have
the ability to define an Access Control List (ACL) identifying the hosts with which a user can communicate
through the VPN. Then the user can only initiate communication to those hosts defined in the Access