Enabling or disabling a network rule for an application or an application group

All new network rules for an application or application group are added to the list of network rules with the Enabled status (the rule is applied).

In Kaspersky Security Center, you can disable a manually created network rule for an application group.

In the Light Agent for Windows local interface, you can disable a manually created rule for an application or application group.

Disabled rules are temporarily not applied.

To enable or disable a network rule for an application group in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the Firewall section in the list on the left.
6. In right part of the window, the Firewall rules section, click the Settings button located in the upper part of the section.
7. In the Firewall window that opens, on the Application control rules tab, in the list of applications, select the application group whose network rule you want to enable or disable.
8. Click the Edit button or open the context menu and select the Group rules item.
9. In the Application group control rules window that opens, select the Network rules tab.
10. In the list of network rules, select the relevant network rule and perform one of the following actions:
    • To enable the network rule, set the check box next to the name of the network rule.
    • To disable the network rule, clear the check box next to the name of the network rule.

      You cannot disable an application group network rule that is created by Firewall by default.

11. In the Application group control rules window, click OK.
12. In the Firewall window, click OK.
13. Click the Apply button.

To enable or disable a network rule for an application or an application group in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, in the Anti-Virus protection section, select Firewall.

   In the right part of the window, the Firewall component’s settings are displayed.

3. Click the Application network rules button.

   The Firewall window opens to the Application control rules tab.

4. In the list of applications, select the application or the application group for which you want to enable or disable a network rule.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

5. Click the Edit button or open the context menu and select Application rules or Group rules.

   This opens the Application control rules or Application group control rules window.

6. In the window that opens, select the Network rules tab.
7. In the list of network rules, select the relevant network rule and perform one of the following actions:
   • To enable the network rule, set the check box next to the name of the network rule for the application or the application group.
   • To disable the network rule, clear the check box next to the name of the network rule for the application or the application group.

     You cannot disable a network rule for an application or an application group that is created by Firewall by default.

8. Click OK in the Application control rules or Application group control rules window.
9. In the Firewall window, click OK.
10. To save changes, click the Save button.