How to use Firewall in Kaspersky Small Office Security 7
Get maximum benefit from Kaspersky solutions
Firewall in Kaspersky Small Office Security controls all network connections and protects access to the local area network and the Internet according to the settings you have configured.
Using Firewall, you can:
- Edit network properties.
- Configure network connection rules for applications.
- Configure packet rules.
- Define a range of IP addresses.
How to configure network properties
- Click the settings icon in the lower-left corner of the Kaspersky Small Office Security main window. To learn how to open the application, see this guide.
- Go to the Protection section and select Safe Money.
- Click Networks.
- Select a network connection and click Edit in the lower-left corner.
- If necessary, change the network name and select a type from the drop-down list:
- Public network: for networks that are not protected by anti-virus applications, firewalls or filters. This status prevents other network users from accessing the files on your computer, or any printers connected to it. It is given to the Internet by default.
- Local network: for internal corporate or home networks. This status prevents other network users from accessing the files on your computer, or any printers connected to it.
- Trusted network: only for networks that are secure against attacks and attempts to get unauthorized access to data on the computer.
- Configure network notifications: select the checkboxes opposite the notifications you want to get.
- If necessary, select a printer.
- Click Save.
The network properties will be configured.
How to configure network connection rules for applications
- Click the settings icon in the lower-left corner of the Kaspersky Small Office Security main window. To learn how to open the application, see this guide.
- Go to the Protection section and select Safe Money.
- Click Configure application rules.
- Select the application in the Network column, then select an action from the drop-down list.
The network connection rules for applications will be set.
How to configure packet rules
- Click the settings icon in the lower-left corner of the Kaspersky Small Office Security main window. To learn how to open the application, see this guide.
- Go to the Protection section and select Firewall.
- Click configure packet rules.
- Select a packet rule and click Edit or Add.
- Select an action:
- Allow
- Block
- By application rules. In this case, the application rule will stop being active if another rule for the application already exists.
- Specify a name for the rule.
- Select the direction:
- Inbound (packet): the rule is only applied to incoming network packets.
- Outbound (packet): the rule is only applied to outgoing network packets.
- Inbound/Outbound: the rule is applied both to inbound and outbound network packets or data streams, regardless of which computer initiated the connection.
- Inbound: this rule is applied to network connections opened by a remote computer.
- Outbound: the rule is applied to network connections opened by your computer.
- Select a protocol. For ICMP or ICMPv6 protocols, set the type and ICMP packet code. For TCP and UDP, set remote ports and local ports.
- Specify the address:
- Any address: the rule is applied to any IP address.
- Subnet addresses. Select the subnet: Trusted, Local, or Public network. The rule is applied to the IP addresses of specified networks that are connected at the current moment.
- Addresses from the list: the rule is applied to the specified range of IP addresses.
- Set the status for the rule:
- Active
- Inactive
- To display the results of the packet rule in the report, select the Log events checkbox.
- Click Save.
- Firewall checks the rules one by one from the top to the bottom of the list. If some of the rules have the same parameters, but with different values, Firewall will use the rule that is closer to the top of the list.
To change the position of a rule on the list, use the up and down arrows.
The packet rules will be configured.
How to set a range of IP addresses
- Click the settings icon in the lower-left corner of the Kaspersky Small Office Security main window. To learn how to open the application, see this guide.
- Go to the Protection section and select Firewall.
- Click configure packet rules.
- Select a packet rule and click Edit or Add.
- Select Addresses from the list.
- In either the Remote addresses or Local addresses field, enter the IP range in Classless InterDomain Routing (CIDR) notation.
- Click Save.
A range of IP addresses will be set.
Example log of an IP address in CIDR notation
For a range of IP addresses in the format 10.96.0.0/11, the subnet mask is 11111111 11100000 00000000 00000000 in binary format, or 255.224.0.0 in decimal format.
11 digits of the IP address are intended for the network number, while the others are intended for the local address in the network. Therefore, 10.96.0.0/11 denotes a range of addresses from 10.96.0.1 to 10.127.255.255.
When CIDR routing is specified in the IPv4 networks, the rule is applied to the whole subnet.
For converting IP addresses to CIDR, we recommend using online services such as http://ip2cidr.com/.