How to use Firewall in Kaspersky Total Security 19
Firewall in Kaspersky Total Security controls all network connections and protects access to the local area network and the internet according to the settings.
Using Firewall, you can:
- Edit network properties.
- Block an application from connecting to the network.
- Create or modify packet rules.
- Define a range of IP addresses.
How to edit network properties
- In the main window of Kaspersky Total Security, click
.
- To learn how to open the main application window, see this article.
- Go to the Protection section and click Firewall.
- Click Networks.
- Select a network connection and click Edit in the lower-left corner.
- Change the network name if necessary, and select the network type in the drop-down list:
- Public network: recommended for networks that are not protected by anti-virus applications, firewalls or filters. This status prevents other network users from accessing the files on your computer, or any printers connected to it. This status is assigned to the internet by default.
- Local network: recommended only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer. This status allows other network users access the files on your computer, or any printers connected to it.
- Trusted network: recommended only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer.
- Configure network notifications. To do so, select the check boxes opposite the notifications you want to get.
- Select the default printer.
- Click Save.
Network properties will be changed.
How to block an application from accessing the Internet
- In the main window of Kaspersky Total Security, click .
- To learn how to open the main application window, see this article.
- Go to the Protection section and click Firewall.
- Click Configure application rules.
- Select the application and, in the Network column, select Deny from the drop-down list.
The application will be blocked from connecting to the network.
How to create or modify a packet rule
- In the main window of Kaspersky Total Security, click .
- To learn how to open the main application window, see this article.
- Go to the Protection section and click Firewall.
- Click Configure packet rules.
- In this window, you can:
- Select the packet rule and click Edit in the lower-left corner to modify the settings of an existing packet rule.
- Click Add in the lower-right corner to create a new packet rule.
- Select an action:
- Allow
- Block
- By application rules. In this case, the application rule will stop being active if another rule for the application already exists.
- Specify a name for the rule.
- Select the direction:
- Inbound (packet): the rule is applied only to incoming network packets.
- Inbound: the rule is applied to network connections opened by a remote computer.
- Inbound/Outbound: The rule is applied both to inbound and outbound network packets or data streams, regardless of which computer initiated the connection.
- Outbound (packet): the rule is applied only to outgoing network packets.
- Outbound: the rule is applied to network connections opened by your computer.
- Select the protocol. For ICMP or ICMPv6 protocols, set the type and ICMP packet code. For TCP and UDP, set remote ports and local ports.
- Specify the address:
- Any address: the rule is applied to any IP address.
- Subnet addresses. Select the subnet: Trusted, Local, or Public network. The rule is applied to the IP addresses of specified networks that are currently connected.
- Addresses from the list: the rule is applied to the specified range of IP addresses.
- Set the status for the rule:
- Active
- Inactive
- Select the Log events checkbox to display the results of the packet rule in the report.
- Click Save.
Firewall checks the rules one by one from the top to the bottom of the list. If some of the rules have similar parameters with different values, Firewall will use the one that is closer to the top of the list. To change the position of a rule on the list, use the up and down arrows.
How to set a range of IP addresses
- In the main window of Kaspersky Total Security, click .
- To learn how to open the main application window, see this article.
- Go to the Protection section and click Firewall.
- Click Configure packet rules.
- Select the packet rule and click Edit in the lower-left corner.
- In the Address section, select Addresses from the list.
- In either the Remote addresses or Local addresses field, enter the IP range in Classless InterDomain Routing (CIDR) notation.
- Click Save.
Example log of an IP address in CIDR notation
For an IP range in the format 10.96.0.0/11, the subnet mask is 11111111 11100000 00000000 00000000 in binary format, or 255.224.0.0 in decimal format.
11 digits of the IP address are intended for the network number, and the other digits are intended for the local address in the network. Therefore, 10.96.0.0/11 means the range of the addresses from 10.96.0.1 to 10.127.255.255.
For converting IP addresses to CIDR, we recommend using online services such as http://ip2cidr.com/.
