Added network packet rule window

Protocol

You can select the type of data transfer protocol for which you want to monitor network activity:

• Any (default value)
• GRE
• ICMP
• ICMPv6
• IGMP
• TCP
• UDP

Direction

You can specify the direction of network activity being monitored:

• Incoming packets. If this option is selected, the Firewall Management component monitors incoming packets.
• Incoming. If this option is selected, the Firewall Management component monitors incoming network activity.
• Incoming/Outgoing. If this option is selected, the Firewall Management component monitors both incoming and outgoing network activity.
• Incoming/Outgoing packets. If this option is selected, the Firewall Management component monitors both incoming and outgoing packets.
• Outgoing packets. If this option is selected, the Firewall Management component monitors outgoing packets.
• Outgoing. If this option is selected, the Firewall Management component monitors outgoing network activity.

ICMP type

You can specify the ICMP type. The Firewall Management component monitors messages of the specified type sent by the host or gateway.

If the Specified option is selected, the field for entering the ICMP type will be displayed.

This window is displayed if the ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list.

ICMP code

You can specify the ICMP code. The Firewall Management component monitors messages of the specified type (in the ICMP type field) with the specified code and sent by the host or gateway.

If the Specified option is selected, the field for entering the ICMP code will be displayed.

This window is displayed if the ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list.

Remote ports

You can specify the port numbers of the remote devices between which the connection is to be monitored.

If the Specified option is selected, the field for entering the port numbers will be displayed.

This window is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

Local ports

You can specify the port numbers of the local devices between which the connection is to be monitored.

If the Specified option is selected, the field for entering the port numbers will be displayed.

This window is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

Remote addresses

You can specify the network addresses of the remote devices that can send and receive network packets:

• Any address (default value). If this item is selected, the network rule controls network packets sent and/or received by remote devices with any IP address.
• Specified address. If this item is selected, the network rule controls the sending and receiving of network packets by remote devices with the IP addresses that are specified in the field below.
• By network type. If this item is selected, the network rule controls network packets sent and received by remote devices with the IP addresses associated with the selected network type: Public networks, Local networks, or Trusted networks.

Local addresses

You can specify the network addresses of the devices with Kaspersky Endpoint Security installed that can send and receive network packets:

• Any address (default value). If this option is selected, the network rule controls network packets sent and/or received by the devices with Kaspersky Endpoint Security installed regardless of their IP address.
• Specified address. If this option is selected, the network rule controls the network addresses of devices with Kaspersky Endpoint Security installed that can send and receive network packets. These network addresses are specified in the field below.

Action

You can select an action to be performed by the Firewall Management component when it detects network activity:

• Block network activity.
• Allow network activity (default value).

Logging

You can specify whether the actions of the network rule will be logged in the report.

Rule name

The field for entering the name of the network packet rule.