To add a new rule or edit an existing rule for filtering incoming network traffic:
In the main window of the Web Console, select Devices → Policies & profiles.
Click the policy name you want to configure.
In the <Policy name> window that opens, select the Application settings tab.
Select the Network activity control section.
Click Settings in the Firewall Management subsection.
Depending on the type of the rule whose status you want to modify, select the Applications Inbound or Outbound rules tab or the Ports Inbound or Outbound rules tab, and perform one of the following actions:
When you configure the rules for inbound and outbound connections, note the following options and limitations:
By default, the type of the rule is the opposite of the policy type. For example, for the Default deny policy, the default value for the rule is set to Allow. For the Default allow policy, the default value for the rule is set to Block. You can change the type of the rule as applicable.
You can configure the default task settings if you connect a local Application Console to a remote device that runs any OS or if you connect a local Application Console to a local device that runs Windows 7 or later.
Configuring the default Firewall task settings is unavailable if you connect a local Application Console to a local device that runs an operating system earlier than Windows 7.
To edit an existing rule, select the rule you want to edit and click Edit.
To add a new rule, click Add.
On the right part of the screen, perform the following operations:
If you are working with an application rule, do the following:
Select the Use the rule check box if you want to apply the created rule.
In the Rule name field, enter the name of the edited rule.
In the Rule action list, select the Allow or Block option as applicable.
Specify the Application path to the executable file of the application for which you are allowing a connection by modifying this rule.
In the Rule application scope field, specify the network addresses for which the modified rule will be applied.
You can only use IPv4 addresses.
If you are working with a port rule, do the following:
Select the Use the rule check box if you want to apply the created rule.
In the Rule name field, enter the name of the edited rule.
When you set up the ports to establish a network connection, note the following options and limitations.
For inbound connections, you define the port settings for a local device. For outbound connections, you define the port settings for remote devices.
For the Port number option, available values are 1–65535.
For the Port range option, available values are 1–10, 20–30000, and 1–65535.
The port settings limitations are as follows:
To set up a network connection for a local device running Windows XP, you can specify only one port in the port settings, as Windows XP does not support the port range settings.
To set up a network connection for a remote device running Windows XP, you can specify Port range, but the rule is applied only to the first port of the defined range, as Windows XP does not support the port range settings.
Select the type of protocol (TCP / UDP) for which the application will allow connections.
In the Rule application scope field, specify the network addresses for which the modified rule will be applied.
You can only use IPv4 addresses.
Click OK.
Click OK in the Firewall Management window.
The specified task settings are saved. The new rule parameters will be sent to Windows Firewall.
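To confirm on the protected device that a port rule saved by this procedure is present in Windows Firewall, you can list the enabled rules that cover the port. This is an added example, not part of the product or its documentation. The function names, the sample port 8443, and the use of the NetSecurity cmdlets (Windows 8 / Windows Server 2012 or later, elevated session) are assumptions.

```powershell
# Added example. Assumptions (not from the page): run in an elevated PowerShell
# session on the protected device; NetSecurity module (Windows 8 / Server 2012+).

function Test-PortInSpec {
    # True if $Port matches a Windows Firewall port spec: 'Any', '443' or '20-30000'.
    param([int]$Port, [string[]]$Spec)
    foreach ($item in $Spec) {
        if ($item -eq 'Any') { return $true }
        if ($item -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        }
        elseif ($item -match '^\d+$' -and [int]$item -eq $Port) { return $true }
    }
    return $false
}

function Get-FirewallRulesForPort {
    param(
        [Parameter(Mandatory)][ValidateRange(1, 65535)][int]$Port,
        [ValidateSet('TCP', 'UDP')][string]$Protocol = 'TCP',
        [ValidateSet('Inbound', 'Outbound')][string]$Direction = 'Inbound'
    )
    # ActiveStore is the effective rule set that Windows Firewall is enforcing.
    Get-NetFirewallRule -PolicyStore ActiveStore -Direction $Direction -Enabled True |
        ForEach-Object {
            $rule  = $_
            $ports = $rule | Get-NetFirewallPortFilter
            # Only TCP/UDP port rules are of interest; protocol 'Any' rules are skipped.
            if ($ports.Protocol -ne $Protocol) { return }
            # Inbound rules constrain the local port, outbound rules the remote port.
            $spec = if ($Direction -eq 'Inbound') { $ports.LocalPort } else { $ports.RemotePort }
            if (-not (Test-PortInSpec -Port $Port -Spec $spec)) { return }
            $addr = $rule | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Name          = $rule.DisplayName
                Action        = $rule.Action
                Ports         = $spec -join ','
                LocalAddress  = $addr.LocalAddress -join ','
                RemoteAddress = $addr.RemoteAddress -join ','
            }
        }
}

# Constructed sample value: TCP 8443 stands in for the port of the rule just saved.
Get-FirewallRulesForPort -Port 8443 -Protocol TCP -Direction Inbound | Format-Table -AutoSize
```

Compare the Action, Ports and address columns with the Rule action, port settings and Rule application scope you entered in the Web Console.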