By default, Kaspersky Endpoint Security groups all applications that are installed on the computer by the name of the vendor of the software whose file or network activity it monitors. Application groups are in turn categorized into trust groups. All applications and application groups inherit properties from their parent group: application control rules, application network rules, and their execution priority.
Like the Host Intrusion Prevention component, by default the Firewall component applies the network rules for an application group when filtering the network activity of all applications within the group. The application group network rules define the rights of applications within the group to access different network connections.
By default, Firewall creates a set of network rules for each application group that is detected by Kaspersky Endpoint Security on the computer. You can change the Firewall action that is applied to the application group network rules that are created by default. You cannot edit, remove, disable, or change the priority of application group network rules that are created by default.
You can also create a network rule for an individual application. Such a rule will have a higher priority than the network rule of the group to which the application belongs.
You can perform the following actions while managing network rules of applications:
You can create a new network rule by which the Firewall must regulate the network activity of the application or applications that belong to the selected group of applications.
All network rules are added to the list of network rules of applications with Enabled status. If a network rule is enabled, Firewall applies this rule.
You can disable a network rule that was manually created. If a network rule is disabled, Firewall temporarily does not apply this rule.
After you create a new network rule, you can always return to its settings and modify them as needed.
In the list of network rules, you can edit the action that the Firewall applies for the network rule upon detecting network activity in this application or application group.
You can raise or lower the priority of a custom network rule.
You can delete a custom network rule to stop the Firewall from applying this network rule to the selected application or application group upon detecting network activity, and to stop this rule from being displayed in the list of application network rules.