How to use Firewall in Kaspersky Total Security 2018
It is essential to protect your data when your PC is connected to a network, as it can be intercepted or accessed by criminals. To protect your network connection, use the Firewall component.
The Firewall component of Kaspersky Total Security 2018 monitors all network connections in accordance with the component settings. Depending on the status, it allows or denies access.
One of the following statuses can be assigned to each network:
- Public network: recommended for networks not protected by anti-virus software, firewalls or filters. This status prevents other network users from accessing the files on your computer, or any printers connected to it. It is given to the Internet by default.
- Local network: recommended for networks whose users you trust, such as home or local corporate networks. This status allows other network users to access the files on your computer, and any printers connected to it.
- Trusted network: recommended only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer.
Using the Firewall component of Kaspersky Total Security 2018, you can change the status of the network or deny access to the network for an application.
How to change the network status
- In the main window of Kaspersky Total Security 2018, click the gear button
.
- If you have problems opening the application window, see this guide.
- In the Settings window, go to Protection → Firewall.
- In the Firewall settings window, click Networks.
- In the Network properties window, select the connection whose status you want to change. Choose the type of network from the drop-down list.
How to block Internet access using Firewall
- In the main window of Kaspersky Total Security 2018, click the gear button
.
- If you have problems opening the application window, see this guide.
- In the Settings window, go to Protection → Firewall.
- In the Firewall settings window, click the Configure application rules link.
- In the Application network rules window, select the application or group of applications. Then in the Network column, select Deny from the drop-down list.
How to create a packet rule in Firewall
- In the main window of Kaspersky Total Security 2018, click the gear button
.
- If you have problems opening the application window, see this guide.
- In the Settings window, go to Protection → Firewall.
- In the Firewall settings window, click Configure packet rules.
- In the Packet rules window:
- Click Add to create a new rule.
- You can also use packet rule templates by selecting them from the list.
.
- Select an action:
- Allow
- Block
- By application rules. In this case, the application rule will stop being active if another rule for the application already exists.
- Specify a name for the rule.
- Select the direction:
- Inbound (packet) is applied to network packets received by your computer.
- Inbound is applied to network connections opened by a remote computer.
- Inbound/Outbound is applied both to inbound and outbound network packets or data streams, regardless of which computer initiated the connection.
- Outbound (packet) is applied to data packages sent by your computer.
- Outbound is applied to network connections opened by your computer.
- Select the protocol. For ICMP or ICMPv6 protocols, set the type and ICMP packet code.
- Specify the address:
- Any address: the rule is applied to any IP address.
- Subnet addresses. Select the subnet: Trusted, Local, or Public network. The rule is applied to the IP addresses of specified networks that are connected at the current moment.
- Addresses from the list: the rule is applied to the specified IP range. learn how to set a range of IP addresses in Kaspersky Total Security 2018 in the next block of this article.
- Set the status for the rule:
- Active
- Inactive
- To display the results of the packet rule in the report, select the check box Log events.
- Tap Save.
How to set an IP range
- In the Packet rules window, select Addresses from the list.
- In either the Remote addresses or Local addresses field, enter the IP range in Classless InterDomain Routing (CIDR) notation.
If you don’t know how to write an IP range in CIDR notation, see the following example.
Example log of an IP address in CIDR notation
The subnet mask is 11111111 11100000 00000000 00000000 in binary format, or 255.224.0.0 in decimal format. 11 digits of the IP address are intended for the network number, and the other 21 digits (32 - 11) for the local address in the network. Therefore, 10.96.0.0/11 means the range of the addresses from 10.96.0.1 to 10.127.255.255.
For converting IP addresses to CIDR, we recommend using online services such as http://ip2cidr.com/.
