Configuring general settings of the Firewall Management task

To configure general settings of the Firewall Management task using the Administration Plug-in:

Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
Select the administration group for which you want to configure application settings.
Perform one of the following actions in the details pane of the selected administration group:
- To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
- To configure the settings of a task or application for an individual protected device, select the Devices tab and go to local task settings or application settings.
In the Network activity control section, in the Firewall Management section, click the Settings button.
The Firewall Management window opens.
On the General tab, in the The program controls the operation of Windows Firewall according to the settings below block, select the mode of interaction between Kaspersky Industrial CyberSecurity for Nodes and Windows Firewall:
- Observe the state of Windows Firewall. If this option is selected, the application only monitors the status of Windows Firewall and sends a warning event to Kaspersky Security Center if Windows Firewall is not started.
  If this option is selected to replace the Control the operation of Windows Firewall option, the application restores the internal settings of Windows Firewall the next time the operating system of the protected device is started.
- Control the operation of Windows Firewall. If this option is selected, the application monitors Windows Firewall to the extent determined by the following settings:
  - Maintain the state of Windows Firewall.
    This feature enables or disables keeping Windows Firewall in the Enabled / Disabled state using the drop-down list.
    
    If the function is enabled, the application performs the following actions:
    - Polls Windows Firewall at an interval of one minute.
    - Reads the status of Windows Firewall.
    - When the status is set to Enabled, enables Windows Firewall if it is disabled.
    - When the status is Disabled, disables Windows Firewall when it is enabled.
    This feature cannot be disabled if the Manage settings and rules of Windows Firewall feature is disabled.
    
    By default, the feature is enabled and Enabled is selected.
  - Manage settings and rules of Windows Firewall.
    This feature enables or disables management of Windows Firewall settings and rules.
    
    If the function is enabled, the application performs the following actions:
    - Polls Windows Firewall at an interval of one minute.
    - Reads and copies Windows Firewall settings, including firewall rules.
    - Sets the values of Windows Firewall settings to match the Firewall Management task settings.
    - Creates a list of Kaspersky Security Group firewall rules in the Windows Firewall snap-in. This set contains all firewall rules of the Firewall Management task.
      Later, when polling Windows Firewall, the application does not synchronize the list of Kaspersky Security Group firewall rules with the list of rules of the Firewall Management task. To synchronize the lists of firewall rules, you must restart the Firewall Management task.
    - Restricts the ability to edit Windows Firewall settings and rules using third-party tools or directly in the snap-in (wf.msc). If Windows Firewall settings or rules are changed, within one minute the application rolls back the changes to the settings values defined using the Firewall Management task.
    If the function is disabled, the application restores the Windows Firewall settings and rules to the values that the application saved after the first poll of Windows Firewall and no longer manages the Windows Firewall settings and rules.
    
    This feature cannot be disabled if the Maintain the state of Windows Firewall feature is disabled.
    
    This feature is enabled by default.
  - Allow ICMP connections.
    The function allows or blocks incoming and outgoing network connections via the ICMPv4 and ICMPv6 protocols.
    
    If this function is enabled, Windows Firewall allows incoming and outgoing network connections via the ICMPv4 and ICMPv6 protocols, regardless of the task settings for incoming and outgoing connections.
    
    On operating systems below Windows 7, Windows Firewall allows only incoming network connections via the ICMPv4 and ICMPv6 protocols.
    
    This function is disabled by default.
In the Inbound connections block, configure the settings for incoming network connections:
- Use the Action for inbound connections drop-down list to specify the action that Windows Firewall performs for all incoming network connections, unless otherwise defined in the Firewall rules for incoming connections.
- If necessary, add Firewall rules for incoming connections.
  Firewall rules for incoming connections perform the role of exclusions. For example, if you configure an allowing rule for incoming network connections, and you select Block in the Action for inbound connections drop-down list, Windows Firewall allows incoming network connections that match the rule criteria.
In the Outbound connections block, configure the settings for outgoing network connections:
- Use the Action for outbound connections drop-down list to specify the action that Windows Firewall performs for all outgoing network connections, unless otherwise defined in the Firewall rules for outgoing connections.
- If necessary, add Firewall rules for outgoing connections.
  Firewall rules for outgoing connections perform the role of exclusions. For example, if you configure a blocking rule for outgoing network connections, and select Allow in the Action for outbound connections drop-down list, Windows Firewall blocks outgoing network connections that match the rule criteria.
Click the OK button to save the changes.

Kaspersky Industrial CyberSecurity for Nodes applies the new settings to the running task. The date and time when the settings were changed are saved in the system audit log.

Page top