How to use Firewall in Kaspersky Security Cloud 20
Latest update: July 18, 2019
ID: 15164
Firewall in Kaspersky Security Cloud controls all network connections and protects access to the local area network and the internet according to the settings.
Using Firewall, you can:
- Edit network properties.
- Configure network connection rules for applications.
- Configure packet rules.
- Define a range of IP addresses.
How to configure network properties
- In the main window of Kaspersky Security Cloud, click
.
- If you have any difficulties opening the application, see this guide.
- Go to the Protection section and select Firewall.
- Click Networks.
- Select the network connection and click Edit.
- If necessary, change the network name and select a type from the drop-down list:
- Public network: for networks that are not protected by anti-virus applications, firewalls or filters. This status prevents other network users from accessing the files on your computer, or any printers connected to it. It is given to the Internet by default.
- Local network: for internal corporate or home networks. This status prevents other network users from accessing the files on your computer, or any printers connected to it.
- Trusted network: only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer.
- Configure network notifications: select the checkboxes opposite the notifications you want to get.
- If necessary, select a printer.
- Click Save.
The network properties will be configured.
How to configure network connection rules for applications.
- In the main window of Kaspersky Security Cloud, click .
- If you have any difficulties opening the application, see this guide.
- Go to the Protection section and select Firewall.
- Click Configure application rules.
- Select the application and, in the Network column, select an action from the drop-down list.
The network connection rules for applications will be set.
How to configure packet rules
- In the main window of Kaspersky Security Cloud, click .
- If you have any difficulties opening the application, see this guide.
- Go to the Protection section and select Firewall.
- Click configure packet rules.
- Select a packet rule and click Edit or Add.
- Select an action:
- Allow
- Block
- By application rules. In this case, the application rule will stop being active if another rule for the application already exists.
- Specify a name for the rule.
- Select the direction:
- Inbound (packet): the rule is only applied to incoming network packets.
- Outbound (packet): the rule is only applied to outgoing network packets.
- Inbound/Outbound: the rule is applied both to inbound and outbound network packets or data streams, regardless of which computer initiated the connection.
- Inbound: this rule is applied to network connections opened by a remote computer.
- Outbound: the rule is applied to network connections opened by your computer.
- Select a protocol. For ICMP or ICMPv6 protocols, set the type and ICMP packet code. For TCP and UDP, set remote ports and local ports.
- Specify the address:
- Any address: the rule is applied to any IP address.
- Subnet addresses. Select the subnet: Trusted, Local, or Public network. The rule is applied to the IP addresses of specified networks that are connected at the current moment.
- Addresses from the list: the rule is applied to the specified range of IP addresses. To learn how to set a range of IP addresses, see the guide below.
- Set the status for the rule:
- Active
- Inactive
- To display the results of the packet rule in the report, select the Log events checkbox.
- Click Save.
- Firewall checks the rules one by one from the top to the bottom of the list. If some of the rules have the same parameters, but with different values, Firewall will use the rule that is closer to the top of the list.
To change the position of a rule on the list, use the up and down arrows.
The packet rules will be configured.
How to set a range of IP addresses when creating packet rules
- In the main window of Kaspersky Security Cloud, click .
- If you have any difficulties opening the application, see this guide.
- Go to the Protection section and select Firewall.
- Click configure packet rules.
- Select a packet rule and click Edit or Add.
- In the Address section, select Addresses from the list.
- In either the Remote addresses or Local addresses field, enter the IP range in Classless InterDomain Routing (CIDR) notation.
- Click Save.
A range of IP addresses will be set.
Example log of an IP address in CIDR notation
For an IP range in the format 10.96.0.0/11, the subnet mask is 11111111 11100000 00000000 00000000 in binary format, or 255.224.0.0 in decimal format.
11 digits of the IP address are intended for the network number, and the other digits are intended for the local address in the network. Therefore, 10.96.0.0/11 denotes a range of addresses from 10.96.0.1 to 10.127.255.255.
When CIDR routing is specified in the IPv4 networks, the rule is applied to the whole subnet.
For converting IP addresses to CIDR, we recommend using an online service such as https://ip2cidr.com/.