Support

Support for business applications

Kaspersky Endpoint Security 10 for Linux ARM Edition

Remote administration of the application through Kaspersky Security Center Web Console

Policy settings

Firewall Management

Network packet rule window

Kaspersky Endpoint Security 10 for Linux ARM Edition
Knowledge Base Online Help
FAQ System requirements Forum Contact support Recovery tools Product videos

Network packet rule window

January 20, 2022

ID 194036

In the Network packet rule window, you can configure network packet rules that the Firewall Management task will use for monitoring network activity.

Network packet rules settings

Setting

Description

Rule name

Entry field for a name of a Firewall Management rule.

Actions

In this drop-down list, you can specify the action to be performed by Firewall Management when it detects the network activity:

  • Block network activity.
  • Allow network activity.

    The Allow action is selected by default.

Protocol

In this drop-down list, you can specify the type of data transfer protocol for which network activity is to be monitored.

Available values:

  • Any
  • TCP
  • UDP
  • ICMP
  • ICMPv6
  • IGMP
  • GRE

    The Any item is selected by default.

Specify ICMP type

This check box lets you specify the ICMP type. The Firewall Management monitors messages of the specified type sent by the host or gateway.

If this check box is selected, the field for entering the ICMP type is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocols were selected in the Protocol drop-down list.

This check box is cleared by default.

Specify ICMP type

This check box lets you specify the ICMP code. The Firewall Management monitors messages of the specified type (in the ICMP type field) and code sent by the host or gateway.

If this check box is selected, the field for entering the ICMP code is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocols were selected in the Protocol drop-down list; and it is available only if the Specify ICMP type check box is selected.

This check box is cleared by default.

Direction

In this drop-down list, you can specify, the direction of the monitored network activity:

  • Incoming packets—If this option is selected, Firewall Management monitors incoming packets.
  • Incoming—If this option is selected, Firewall Management monitors incoming network activity.
  • Incoming/Outgoing—If this option is selected, Firewall Management monitors both incoming and outgoing network activity.
  • Incoming/Outgoing packets—If this option is selected, Firewall Management monitors both incoming and outgoing packets.
  • Outgoing packets—If this option is selected, Firewall Management monitors outgoing packets.
  • Outgoing—If this option is selected, Firewall Management monitors outgoing network activity.

    The Incoming packets item is selected by default.

Remote address

In this drop-down list, you can specify the network addresses of remote computers that can send and/or receive network packets.

  • Any address. If this item is selected, the network rule controls network packets sent and/or received by remote computers with any IP address.
  • All addresses from subnet. If this item is selected, the network rule controls network packets sent and/or received by remote computers with IP addresses associated with the selected network type: Public, Local, or Trusted.
  • Specified address. If this item is selected, the network rule controls network packets sent and/or received by remote computers with IP addresses that are specified in the Address entry field.

    The Any address item is selected by default.

Specify remote ports

This check box lets you specify port numbers of the remote computers between which the connection is to be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocols were selected in the Protocol drop-down list.

This check box is cleared by default.

Local address

In this drop-down list, you can specify the network addresses of computers that have Kaspersky Endpoint Security installed and can send and/or receive network packets:

  • Any address. If this item is selected, the network rule controls network packets sent and/or received by computers with Kaspersky Endpoint Security installed and with any IP address.
  • Specified address. If this item is selected, the network rule controls the specified in the Address field network addresses of computers that have Kaspersky Endpoint Security installed and can send and/or receive network packets.

    The Any address item is selected by default.

Specify local ports

This check box lets you specify port numbers of the local computers between which the connection is to be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocols were selected in the Protocol drop-down list.

This check box is cleared by default.

Log events

This check box lets you specify whether the actions of the network rule are reflected in the report:

If this check box is selected, Kaspersky Endpoint Security logs the actions of the network rule.

If the check box is cleared, Kaspersky Endpoint Security does not log the actions of the network rule.

This check box is cleared by default.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.