About the Firewall Management task

Expand all | Collapse all

If Windows Firewall is turned off during installation of Kaspersky Embedded Systems Security for Windows, the Firewall Management task will not be executed after the installation is complete. If Windows Firewall is enabled during installation, the Firewall Management task is run after installation is complete.

If Windows Firewall is managed by a Kaspersky Security Center group policy, the Firewall Management task cannot be started.

The Firewall Management task does not filter network traffic independently, but it lets you manage the Windows Firewall via the Kaspersky Embedded Systems Security for Windows Console, Administration Plug-in, and Web Plug-in.

The task polls the Windows Firewall regularly. By default, the polling interval is set to one minute and cannot be changed.

While running the Firewall Management task, Kaspersky Embedded Systems Security for Windows performs the actions defined by the mode of interaction with Windows Firewall:

• Observe the state of Windows Firewall. The application only monitors the status of Windows Firewall and sends a warning event to Kaspersky Security Center if the Windows Firewall is not started.
• Control the operation of Windows Firewall. The application controls the operation of Windows Firewall to the extent determined by the following functions:
  • Maintain the state of Windows Firewall

    This feature enables or disables keeping Windows Firewall in the Enabled / Disabled state using the drop-down list.

    If the function is enabled, the application performs the following actions:

    • Polls Windows Firewall at an interval of one minute.
    • Reads the status of Windows Firewall.
    • When the status is set to Enabled, enables Windows Firewall if it is disabled.
    • When the status is Disabled, disables Windows Firewall when it is enabled.

    This feature cannot be disabled if the Manage settings and rules of Windows Firewall feature is disabled.

    By default, the feature is enabled and Enabled is selected.

  • Manage settings and rules of Windows Firewall.

    This feature enables or disables management of Windows Firewall settings and rules.

    If the function is enabled, the application performs the following actions:

    • Polls Windows Firewall at an interval of one minute.
    • Reads and copies Windows Firewall settings, including firewall rules.
    • Sets the values of Windows Firewall settings to match the Firewall Management task settings.
    • Creates a list of Kaspersky Security Group firewall rules in the Windows Firewall snap-in. This set contains all firewall rules of the Firewall Management task.

      Later, when polling Windows Firewall, the application does not synchronize the list of Kaspersky Security Group firewall rules with the list of rules of the Firewall Management task. To synchronize the lists of firewall rules, you must restart the Firewall Management task.

    • Restricts the ability to edit Windows Firewall settings and rules using third-party tools or directly in the snap-in (wf.msc). If Windows Firewall settings or rules are changed, within one minute the application rolls back the changes to the settings values defined using the Firewall Management task.

    If the function is disabled, the application restores the Windows Firewall settings and rules to the values that the application saved after the first poll of Windows Firewall and no longer manages the Windows Firewall settings and rules.

    This feature cannot be disabled if the Maintain the state of Windows Firewall feature is disabled.

    This feature is enabled by default.

Page top