Adding Firewall rules manually

You can only add and edit rules for applications and ports. You cannot add new or edit existing group rules.

To add a new or edit an existing rule for filtering incoming network traffic:

1. Expand the Managed devices node in the Kaspersky Security Center Administration Console tree.
2. Select the administration group for which you want to configure application settings.
3. Perform one of the following actions in the details pane of the selected administration group:
   • To configure application settings for a group of protected devices, select the Policies tab and open the Properties: <Policy name> window.
   • To configure the application for a single protected device, select the Devices tab and open the Application settings window.

     If an active Kaspersky Security Center policy is applied to a device and blocks changes to application settings, then these settings cannot be edited in the Application settings window.

4. In the Network activity control section, click the Settings button in the Firewall Management subsection.
5. Click the Rules list button in the window that opens.

   The Firewall rules window opens.

6. Depending on the type of rule you want to add, select the Applications or Ports tab and perform one of the following actions:
   • To edit an existing rule, select the rule you want to edit in the rule list and click Edit.
   • To add a new rule, click Add.

     Depending on the type of rule being configured, the Application rule window or Port rule window opens.

7. In the window that opens, perform the following operations:
   • If you are working with an application rule, do the following:
     1. In the Rule name field enter the name of the edited rule.
     2. Specify the Application path to the executable file of the application for which you are allowing a connection by modifying this rule.

        You can set the path manually or by using the Browse button.

     3. In the Rule application scope field, specify the network addresses for which the modified rule will be applied.

     You can only use IPv4 addresses.

   • If you are working with a port rule, do the following:
     1. In the Rule name field enter the name of the edited rule.
     2. Specify the Port number for which the application will allow connections.
     3. Select the type of protocol (TCP / UDP) for which the application will allow connections.
     4. In the Rule application scope field, specify the network addresses for which the modified rule will be applied.

     You can only use IPv4 addresses.

8. Click OK in the Application rule or Port rule window.
9. Click OK in the Firewall Management window.
10. Click OK in the Properties: <Policy name> window.

The specified task settings are saved. The new rule parameters will be sent to Windows Firewall.