By default, Firewall is enabled and functions in the optimal mode.
How to enable or disable the Firewall in the Administration Console (MMC)
How to enable or disable the Firewall in the Web Console and Cloud Console
How to enable or disable the Firewall in the application interface
As a result, if the Firewall is enabled, Kaspersky Endpoint Security controls network activity and blocks unauthorized network connections to your computer, as well as blocks unauthorized network activity of applications on your computer. Network activity is also controlled by the Network Threat Protection component. The Network Threat Protection component (also called Intrusion Detection System) monitors inbound network traffic for activity characteristic of network attacks.
Kaspersky Endpoint Security logs network attack events in its reports irrespective of the Firewall settings. Even if the Firewall blocks the network connection using rules and thus prevents a network attack, the Network Threat Protection component registers network attack events. It is required to generate statistical information about network attacks on the computers in your organization.
Page top