Applies to Kaspersky Small Office Security 2 for Personal Comuter
All network connections on your computer are monitored by Firewall. Firewall assigns a specific status to each connection and applies various rules for filtering of network activity depending on that status, thus, it allows or blocks a network activity. Firewall works based on rules of two types: packet rules and rules for applications.
Packet rules have a higher priority compared to the application rules. If both packet rules and application rules are applied to the same type of network activity, this network activity will be processed using the batch rules. Packet rules are used in order to restrict packets transfering regardless applications.
Creating a network rule
In order to create packet rule, perform the following actions:
- open the main application window
- on the upper right hand corner of the window, click Settings
- on the upper part of the Settings window, select Protection
- on the left hand part of the Settings window under Protection, select Firewall
make sure that the Firewall component is enabled (the Enable Firewall box is checked)
on the right hand part of the Settings window, click Settings
on the Firewall window ,go to the Filtering rules tab
click on the Add link. The Network rule window appears
specify the required parameters
once the required parameters are specified, click on the OK button
click OK on the Firewall window
click OK on the Settings window
close the main application window.
Network rule parameters
While creating a network rule you can specify an action performed by Firewall if it detects the network activity:
The Allow or Block rules can be logged. In order to do this, check the Log events box.
If you want to create a packet rule you need to set network service. Network service contains types of network activities, which are restricted according to a network rule. You can select the type of network activity or create a new by clicking the Add link.
Network service includes the following parameters:
Protocol. Firewall restricts connections via TCP and UDP protocols.
Direction. Firewall controls connections with the following directions:
Inbound (stream). The rule is for network connections created from another computer.
Inbound / Outbound. The rule is for inbound and outbound data packets and data streams regardless the direction.
Outbound (stream). The rule is only for network connections created by your computer.
Remote and Local ports. You can specify ports which are used by your and remote computers for TCP and UDP protocols. These ports will be controlled by Firewall.
You can also specify network addresses. You can use an IP address as the network address or specify the network status. In the latter case the addresses will be copied from all networks that are connected and have the specified status at the moment.
You can find detailed instructions on how to set a range of IP addresses in KB6480.
You can select one of the following addresses types:
Addresses from group. The rule will be created for IP addresses from the specified range of IP addresses. Select one of the address groups. If there are no address groups you want to add, you can create a new group. In order to do this, click the Add link in the lower part of the section and in the Network addresses window that will open specify the addresses.