Client/Server architecture for global configuration

[freedbygrace]

What would you like to add or change?:
If a server component could be configured with some kind of web interface that runs in docker for example. The agents could check in with the server and check for policy configurations. You could then group devices into logical groups and apply centralized firewall policies to subsets of devices.

Why do you and others need this?:
Windows Firewall allows this using group policy and some functionality to do this within Intune as well, however, it severely lacks. This would fill a major gap in the client side firewall space because host to host traffic cannot be blocked at Layer 3 unless you cross networks of course. At layer two, you can block host to host using MAC addresses on switches, but who wants to manage that?

This would be a centralized client side firewall management solution / replacement for the traditional Windows Firewall. Also, if it goes cross platform to Windows, MAC, and Linux within centralized agent deployment using MSIs and Bash scripts, its a done deal!

[github-actions]

Greetings and welcome to our community! As this is the first issue you opened here, we wanted to share some useful infos with you:

• 🗣️ Our community on Discord is super helpful and active. We also have an AI-enabled support bot that knows Portmaster well and can give you immediate help.
• 📖 The Wiki answers all common questions and has many important details. If you can't find an answer there, let us know, so we can add anything that's missing.