|
|
|
Setting
|
Description
|
Values
|
DefaultIncomingAction
|
The default action to perform on an inbound connection if no network rules apply to this connection type.
|
Allow (default value) — Allow inbound connections.
Block — Block inbound connections.
|
DefaultIncomingPacketAction
|
The default action to perform on an incoming packet if no network packet rules apply to this connection type.
|
Allow (default value) — Allow incoming packets.
Block — Block incoming packets.
|
OpenNagentPorts
|
Adds Network Agent dynamic rules to the network packet rules.
|
Yes (default value) – Add Network Agent dynamic rules to the network packet rules.
No – Do not add Network Agent dynamic rules to the network packet rules.
|
The [PacketRules.item_#] section contains network packet rules for the Firewall Management task. You can specify several [PacketRules.item_#] sections in any order. The application processes the scopes by index in ascending order.
Each [PacketRules.item_#] section contains the following settings:
|
Name
|
Network packet rule name.
|
Default value: Packet rule #<n>, where n is an index.
|
FirewallAction
|
Action to be performed on connections specified in this network packet rule.
|
Allow (default value) — Allow network connections.
Block — Block network connections.
|
Protocol
|
Type of protocol for which network activity is to be monitored.
|
Any (default value) — The Firewall Management task monitors all network activity.
TCP
UDP
ICMP
ICMPv6
IGMP
GRE
|
RemotePorts
|
Port numbers of the remote devices whose connection is monitored. An integer or interval can be specified for this value.
This setting can only be specified if the Protocol setting is set to TCP or UDP.
|
Any (default value) — Monitor all remote ports.
0 – 65535.
|
LocalPorts
|
Port numbers of the local devices whose connection is monitored. An integer or interval can be specified for this value.
This setting can only be specified if the Protocol setting is set to TCP or UDP.
|
Any (default value) — Monitor all local ports.
0 – 65535.
|
ICMPType
|
ICMP packet type.
This setting can only be specified if the Protocol setting is set to ICMP or ICMPv6.
|
Any (default value) — Monitor all ICMP packet types.
Integer number according to the data transfer protocol specification.
|
ICMPCode
|
ICMP packet code.
This setting can only be specified if the Protocol setting is set to ICMP or ICMPv6.
|
Any (default value) — Monitor all ICMP packet codes.
Integer number according to the data transfer protocol specification.
|
Direction
|
Direction of the monitored network activity.
|
IncomingOutgoing or InOut (default value) — Monitor both inbound and outbound connections.
Incoming or In — Monitor inbound connections.
Outgoing or Out — Monitor outbound connections.
IncomingPacket or InPacket — Monitor incoming packets.
OutgoingPacket or OutPacket — Monitor outgoing packets.
IncomingOutgoingPacket or InOutPacket — Monitor both incoming and outgoing packets.
|
RemoteAddress
|
The network addresses of the remote devices that can send and receive network packets.
|
Any (default value) — Monitor network packets sent and/or received by remote devices with any IP address.
Trusted — Predefined network zone for trusted networks.
Local — Predefined network zone for local networks.
Public — Predefined network zone for public networks.
d.d.d.d — IPv4 address, where d is a decimal number from 0 to 255.
d.d.d.d/p — Subnet of IPv4 addresses, where p is a number from 0 to 32.
x:x:x:x:x:x:x:x — IPv6 address, where x is a hexadecimal number from 0 to ffff.
x:x:x:x::0/p — Subnet of IPv6 addresses, where p is a number from 0 to 64.
|
LocalAddress
|
Network addresses of devices that have Kaspersky Endpoint Security installed and can send and/or receive network packets.
|
Any (default value) — Monitor network packets sent and/or received by local devices with any IP address.
d.d.d.d — IPv4 address, where d is a decimal number from 0 to 255.
d.d.d.d/p — Subnet of IPv4 addresses, where p is a number from 0 to 32.
x:x:x:x:x:x:x:x — IPv6 address, where x is a hexadecimal number from 0 to ffff.
x:x:x:x::0/p — Subnet of IPv6 addresses, where p is a number from 0 to 64.
|
LogAttempts
|
Include a record of the network rule action in the report.
|
Yes — Log actions in the report.
No (default value)—Do not write the actions in the report.
|
The [NetworkZonesPublic] section contains network addresses associated with public networks. You can specify several IP addresses or subnets of IP addresses.
|
Address.item_#
|
Specifies IP addresses or subnets of IP addresses.
|
d.d.d.d — IPv4 address, where d is a decimal number from 0 to 255.
d.d.d.d/p — Subnet of IPv4 addresses, where p is a number from 0 to 32.
x:x:x:x:x:x:x:x — IPv6 address, where x is a hexadecimal number from 0 to ffff.
x:x:x:x::0/p — Subnet of IPv6 addresses, where p is a number from 0 to 64.
Default value: "" (no network addresses in this zone)
|
The [NetworkZonesLocal] section contains network addresses associated with local networks. You can specify several IP addresses or subnets of IP addresses.
|
Address.item_#
|
Specifies IP addresses or subnets of IP addresses.
|
d.d.d.d — IPv4 address, where d is a decimal number from 0 to 255.
d.d.d.d/p — Subnet of IPv4 addresses, where p is a number from 0 to 32.
x:x:x:x:x:x:x:x — IPv6 address, where x is a hexadecimal number from 0 to ffff.
x:x:x:x::0/p — Subnet of IPv6 addresses, where p is a number from 0 to 64.
Default value: "" (no network addresses in this zone)
|
The [NetworkZonesTrusted] section contains network addresses associated with trusted networks. You can specify several IP addresses or subnets of IP addresses.
|
Address.item_#
|
Specifies IP addresses or subnets of IP addresses.
|
d.d.d.d — IPv4 address, where d is a decimal number from 0 to 255.
d.d.d.d/p — Subnet of IPv4 addresses, where p is a number from 0 to 32.
x:x:x:x:x:x:x:x — IPv6 address, where x is a hexadecimal number from 0 to ffff.
x:x:x:x::0/p — Subnet of IPv6 addresses, where p is a number from 0 to 64.
Default value: "" (no network addresses in this zone)
|