How to use Firewall in Kaspersky Small Office Security 6
Get maximum benefit from Kaspersky solutions
Firewall in Kaspersky Small Office Security controls all network connections and ensures secure access to the local area network and the Internet according to the configured rules.
Using Firewall, you can also:
- Edit network properties.
- Block an application from connecting to the network.
- Create or modify packet rules.
- Define a range of IP addresses.
How to edit network properties
- In the main window of Kaspersky Small Office Security, click the settings button in the lower-left corner. To learn how to open the application, please refer to the instructions in this article.
- Go to the Protection section and click Firewall.
- Click Networks.
- Select a network connection and click Edit in the lower-left corner.
- Change the network name if necessary, and select the network type in the drop-down list:
- Public network. Recommended for networks that are not protected by anti-virus applications, firewalls or filters. Users of such networks cannot access the printer and files on your computer. This status is assigned to the Internet by default.
- Local network. Recommended for an internal enterprise network or home network. Users of such networks can access the printer and files on your computer.
- Trusted network. Recommended only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer.
- Configure network notifications. To do so, select the check boxes opposite the relevant notifications.
- Select the default printer.
- Click Save.
How to block an application from accessing the Internet
- In the main window of Kaspersky Small Office Security, click the settings button in the lower-left corner. To learn how to open the application, please refer to the instructions in this article.
- Go to the Protection section and click Firewall.
- Click Configure application rules.
- Select the application and, in the Network column, select Block in the drop-down list.
The application will be blocked from connecting to the network.
How to create or modify a packet rule
- In the main window of Kaspersky Small Office Security, click the settings button in the lower-left corner. To learn how to open the application, please refer to the instructions in this article.
- Go to the Protection section and click Firewall.
- Click Configure packet rules.
- Select a packet rule and click:
- Edit in the lower-left corner to modify the settings of the packet rule.
- Add in the lower-right corner to create a new packet rule.
- Select an action:
- Allow.
- Block.
- By application rules. In this case, the packet rule will stop being applied if another rule has already been created for the application.
- Enter a name for the packet rule.
- Select the direction:
- Inbound (packet). The rule is applied for network packets received by the computer.
- Inbound. The rule is applied to network connections opened by a remote computer.
- Inbound/Outbound. The rule is applied both to inbound and outbound network packets or data streams, regardless of which computer initiated the network connection.
- Outbound (packet). The rule is applied to network packets sent by the computer.
- Outbound. The rule is applied only to network connections opened by your computer.
- Select the transmission protocol. For the ICMP or ICMPv6 protocols, define the type and code of the ICMP packet code. For TCP and UDP — remote ports and local ports.
- Specify the address:
- Any address. The rule is applied to any IP address.
- Subnet addresses. Select the subnet: Trusted, Local, or Public network. The rule is applied to the IP addresses of specified networks if they are connected at the current moment.
- Addresses from the list. The rule is applied to the specified range of IP addresses.
- Set the status of the packet rule:
- Active.
- Inactive.
- Select the Log events check box to display the results of the packet rule in the report.
- Click Save.
Firewall scans rules on the list from top to bottom. If multiple rules have identical settings, Firewall will use the rule that is higher on the list. To change the position of a rule on the list, use the up and down arrows at the bottom of the screen.
How to define a range of IP addresses
- In the main window of Kaspersky Small Office Security, click the settings button in the lower-left corner. To learn how to open the application, please refer to the instructions in this article.
- Go to the Protection section and click Firewall.
- Click Configure packet rules.
- Select the packet rule and click Edit in the lower-left corner.
- In the Address section, select Addresses from the list.
- In either the Remote addresses or Local addresses field, enter the IP range in Classless InterDomain Routing (CIDR) notation.
Example record of an IP address range in CIDR notation
For a range of IP addresses like 10.96.0.0/11, the subnet mask is 11111111 11100000 00000000 00000000 in binary format, or 255.224.0.0 in decimal format.
11 digits of the IP address are intended for the network number, and the other digits are for the local address in the network.
10.96.0.0/11 means the range of addresses from 10.96.0.1 to 10.127.255.255.
To convert IP addresses to CIDR, you are advised to use any online services such as http://ip2cidr.com/.