Support

Support for business applications

Kaspersky Endpoint Security 11 for Linux

Remote application administration using Kaspersky Security Center Web Console and Kaspersky Security Center Cloud Console

Policy settings

Firewall Management

Network packet rule window

Kaspersky Endpoint Security 11 for Linux
Нет результатов
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Network packet rule window

December 12, 2023

ID 202313

In this window, you can configure the network packet rule.

Network packet rule settings

Setting

Description

Rule name

The field for entering the name of the network packet rule.

Action

In the drop-down list, you can select an action to be performed by the Firewall Management component when it detects network activity:

  • Block network activity.
  • Allow network activity (default value).

Protocol

In the drop-down list, you can select the type of data transfer protocol for which you want to monitor network activity:

  • Any (default value)
  • GRE
  • ICMP
  • ICMPv6
  • IGMP
  • TCP
  • UDP

Specify ICMP type

This check box lets you specify the ICMP type. The Firewall Management component monitors messages of the specified type sent by the host or gateway.

If this check box is selected, the field for entering the ICMP type is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Specify ICMP code

This check box lets you specify the ICMP code. The Firewall Management component monitors messages of the specified type (in the ICMP type field) with the specified code and sent by the host or gateway.

If this check box is selected, the field for entering the ICMP code is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list. It is available only if the Specify ICMP type check box is selected.

This check box is cleared by default.

Direction

In this drop-down list, you can specify the direction of the monitored network activity:

  • Incoming packets (default value). If this option is selected, the Firewall Management component monitors incoming packets.
  • Incoming. If this option is selected, the Firewall Management component monitors incoming network activity.
  • Incoming/Outgoing. If this option is selected, the Firewall Management component monitors both incoming and outgoing network activity.
  • Incoming/Outgoing packets. If this option is selected, the Firewall Management component monitors both incoming and outgoing packets.
  • Outgoing packets. If this option is selected, the Firewall Management component monitors outgoing packets.
  • Outgoing. If this option is selected, the Firewall Management component monitors outgoing network activity.

Remote address

In this drop-down list, you can specify network addresses of the remote devices that can send and receive network packets:

  • Any address (default value). If this option is selected, the network rule controls network packets sent and received by remote devices with any IP address.
  • All subnet addresses. If this option is selected, the network rule controls network packets sent and received by remote devices with the IP addresses associated with the selected network type: Public networks, Local networks, or Trusted networks.
  • Specified address. If this option is selected, the network rule controls network packets sent and received by the remote devices with IP addresses specified in the Address field.

Specify remote ports

This check box allows you to specify the port numbers of the remote devices between which the connection must be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Local address

In this drop-down list, you can specify the network addresses of the devices with Kaspersky Endpoint Security installed that can send and receive network packets:

  • Any address (default value). If this option is selected, the network rule controls sending and receiving of network packets by the devices with Kaspersky Endpoint Security installed and with any IP address.
  • Specified address. If this option is selected, the network rule controls the specified in the Address field network addresses of the devices with Kaspersky Endpoint Security installed that can send and receive network packets.

Specify local ports

This check box allows you to specify the port numbers of the local devices between which the connection must be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Log events

This check box lets you specify whether the actions of the network rule are recorded in the report.

If the check box is selected, the application writes the actions of the network rule to the report.

If the check box is cleared, the application does not write the actions of the network rule to the report.

This check box is cleared by default.

Kaspersky Endpoint Security for Linux: High protection without performance compromising
Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.