Support

Support for business applications

Kaspersky Endpoint Security 10 for Windows

Firewall

Managing application network rules

Creating and editing an application network rule

Kaspersky Endpoint Security 10 for Windows
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ System requirements Upgrade to KES 12 for Windows Forum Contact support Recovery tools Product videos

Creating and editing an application network rule

22 December 2022

ID 123452

Get as PDF

To create or edit a network rule for an application group:

  1. Open the application settings window.
  2. In the left part of the window, in the Anti-Virus protection section, select the Firewall subsection.
  3. Click the Application network rules button.

    The Firewall window opens to the Application control rules tab.

  4. In the list of applications, select the application or group of applications for which you want to create or edit a network rule.
  5. Right-click to bring up the context menu and select Application rules or Group rules depending on what you need to do.

    This opens the Application control rules or Application group control rules window.

  6. In the window that opens, select the Network rules tab.
  7. Do one of the following:
    • To create a new network rule, click the Add button.
    • To edit a network rule, select it in the list of network rules and click the Edit button.

    The Network rule window opens.

  8. In the Action drop-down list, select the action to be performed by Firewall on detecting this kind of network activity:
    • Allow
    • Block
  9. In the Name field, specify the name of the network service in one of the following ways:
    • Click the network_service_pict icon to the right of the Name field and select the name of the network service in the drop-down list.

      The drop-down list includes network services that define the most frequently used network connections.

    • Manually enter the name of the network service in the Name field.
  10. Specify the data transfer protocol:
    1. Select the Protocol check box.
    2. In the drop-down list, select the type of protocol on which to monitor network activity.

      Firewall monitors network connections that use the TCP, UDP, ICMP, ICMPv6, IGMP, and GRE protocols.

      If you select a network service from the Name drop-down list, the Protocol check box is selected automatically and the drop-down list next to the check box contains the protocol type that corresponds to the selected network service. By default, the Protocol check box is cleared.

  11. In the Direction drop-down list, select the direction of the monitored network activity.

    Firewall monitors network connections with the following directions:

    • Inbound.
    • Inbound / Outbound.
    • Outbound.
  12. If ICMP or ICMPv6 is selected as the protocol, you can specify the ICMP packet type and code:
    1. Select the ICMP type check box and select the ICMP packet type in the drop-down list.
    2. Select the ICMP code check box and select the ICMP packet code in the drop-down list.
  13. If TCP or UDP is selected as the protocol type, you can specify the comma-delimited port numbers of the local and remote computers between which the connection is to be monitored:
    1. Type the ports of the remote computer in the Remote ports field.
    2. Type the ports of the local computer in the Local ports field.
  14. Specify the network addresses of remote computers that can send and/or receive network packets. To do so, select one of the following values in the Remote addresses drop-down list:
    • Any address. The network rule controls network packets sent and/or received by remote computers with any IP address.
    • Subnet addresses. The network rule controls network packets sent and/or received by remote computers with IP addresses associated with the selected network type: Trusted networks, Local networks, or Public networks.
    • Addresses from the list. The network rule controls network packets sent and/or received by remote computers with IP addresses that can be specified in the list below using the Add, Edit, and Delete buttons.
  15. Specify the network addresses of computers that have Kaspersky Endpoint Security installed and can send and/or receive network packets. To do so, select one of the following values in the Local addresses drop-down list:
    • Any address. The network rule controls network packets sent and/or received by computers with Kaspersky Endpoint Security installed and with any IP address.
    • Addresses from the list. The network rule controls network packets sent and/or received by computers with Kaspersky Endpoint Security installed and with IP addresses that can be specified in the list below using the Add, Edit, and Delete buttons.

    Sometimes a local address cannot be obtained for applications that work with network packets. If this is the case, the value of the Local addresses setting is ignored.

  16. If you want the actions of the network rule to be reflected in the report, select the Log events check box.
  17. In the Network rule window, click OK.

    If you created a new network rule, the rule is displayed on the Network rules tab.

  18. Click OK in the Application group control rules window if the rule is intended for a group of applications, or in the Application control rules window if the rule is intended for an application.
  19. In the Firewall window, click OK.
  20. To save changes, click the Save button.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.