Using Knox Manage to set up per-app firewalls in Chrome


  • Knox Manage (KM)
  • Knox version*: 2.9
  • Model number: SM-N950F
  • Android version: 7.1.1
  • Google Chrome version: 66.0.3359.158


The latest Chrome version (66.0.3359.158) is using the Chromium DNS-resolution method, which overrides our addDomainFilterRules API. To fix this, you need to force Chrome to use the system's DNS-resolution. This is done by using port 53 as an argument for the Firewall prohibited policy to block Chromium DNS resolution.

How do I use Knox Manage to set up per-app firewalls in Chrome?

To set up per-app firewalls on Chrome using Knox Manage, please follow the steps below:
  1. Access Device Management Profile> Android > Policy > Firewall> Prohibited policy (IP)

  2. Fill in the fields as specified:

    Package Name:
    IP address/range: *
    Port/port range: 53
    Applied ports: All
    Network interface: All

  3.  Click on the '+' symbol.