Firewall - Rule sets
On the Rule sets panel you can create rule sets for various network zones. Each rule set can contain any number of firewall rules.
The currently selected rule set is listed under Rule set. Rule sets can be managed using the New, Delete, Import and Export buttons. Under Settings, the following settings can be configured:
- Name: The name of the selected rule set.
- Note: A description of the selected rule set.
- Stealth mode enabled: Block requests to the computer that try to verify a port's accessibility. This makes it difficult for attackers to obtain system information.
Firewall - New rule set
Enter a Name for the rule set and an optional Note. Select Stealth mode enabled to block requests to the computer that try to verify a port's accessibility.
Under Select the rules from the default rule set that should be used, pick one or more predefined rules to add to the rule set. After clicking OK, the rule set will be shown in the Rule sets overview.
Firewall - New rule/Edit rule
Under Rules, use the New or Edit buttons to add a rule to the current rule set or to edit an existing rule.
- Name: For pre-defined and automatically generated rules, this field displays the name of the program to which the rule applies.
- Rule enabled: Enable or disable a rule without deleting it.
- Note: Indicates how the rule was created. Pre-defined rule is listed next to preset rules; Generated in response to alert is listed next to rules created from the Firewall alarm dialogue; for rules that you create yourself via the advanced dialogue, you can insert your own comment.
- Connection direction: Specify whether the selected rule applies to inbound connections, outbound connections, or both.
- Access: Allow or deny access for the program within this rule set.
- Protocol: Select the connection protocols to which you want to permit or deny access. You can block or enable protocols universally, or link the use of a protocol to one or more specific applications (Assign application). Similarly, you can use the Assign port button to specify the ports that you do or do not wish to use.
- Time frame: Set up time-related access to network resources to ensure, for example, that the network can only be accessed during a normal working day and is blocked at all other times.
- IP space: It is advisable to regulate network use by restricting the IP address range, especially for networks with fixed IP addresses. A clearly defined IP address range significantly reduces the risk of attack from a hacker.
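The following added example (not the product's code or its rule storage format) models how the rule fields above combine when a connection is checked: a rule applies only if it is enabled and its direction, protocol, port, IP space and time frame all match. The field names, first-match-wins ordering and the default-deny fallback are assumptions made for the illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

@dataclass
class Rule:
    name: str
    access: str                      # "allow" or "deny"
    direction: str                   # "in", "out" or "both"
    protocol: str                    # "tcp", "udp" or "any"
    ports: frozenset = frozenset()   # empty set means any port
    ip_space: str = "0.0.0.0/0"      # permitted remote address range
    start: time = time(0, 0)         # time frame (local time)
    end: time = time(23, 59, 59)
    weekdays: frozenset = frozenset(range(7))  # 0 = Monday
    enabled: bool = True

    def matches(self, direction, protocol, remote_ip, port, when):
        # Every condition must hold; a disabled rule never matches.
        return (self.enabled
                and self.direction in (direction, "both")
                and self.protocol in (protocol, "any")
                and (not self.ports or port in self.ports)
                and ip_address(remote_ip) in ip_network(self.ip_space)
                and when.weekday() in self.weekdays
                and self.start <= when.time() <= self.end)

def evaluate(rules, direction, protocol, remote_ip, port, when):
    """Return (verdict, rule name). Assumed: first match wins, no match denies."""
    for rule in rules:
        if rule.matches(direction, protocol, remote_ip, port, when):
            return rule.access, rule.name
    return "deny", "default"

# Constructed rule set: a CRM client may reach its server range on working days only.
RULES = [
    Rule("legacy telnet", "allow", "out", "tcp", frozenset({23}), enabled=False),
    Rule("crm client", "allow", "out", "tcp", frozenset({443}), "10.20.0.0/24",
         time(8, 0), time(18, 0), frozenset(range(5))),
]

if __name__ == "__main__":
    monday_noon = datetime(2024, 1, 8, 12, 0)  # constructed sample: a Monday
    samples = [("out", "tcp", "10.20.0.15", 443, monday_noon),
               ("out", "tcp", "10.20.1.15", 443, monday_noon),
               ("out", "tcp", "10.20.0.15", 443, datetime(2024, 1, 8, 22, 0)),
               ("out", "tcp", "10.20.0.15", 23, monday_noon)]
    for s in samples:
        print(s[:4], s[4].isoformat(), "->", evaluate(RULES, *s))
```

Narrowing the IP space and time frame shrinks the set of connections an allow rule can ever match, which is why the second and third samples fall through to the deny fallback.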
Firewall - Rule wizard
The Rule wizard helps you add rules to the selected rule set or to modify existing rules.
The following actions are available in the Rule wizard:
- Grant or deny access for a specific application: Select a targeted application and permit or prohibit access to the network as part of the selected rule set. Simply use the wizard to select the desired program (program path), then indicate under Connection direction whether the program is to be blocked for inbound connections, outbound connections, or both. This enables you, for example, to prevent your MP3 player software from forwarding data about your listening habits (outbound connections) or to ensure that program updates are not downloaded automatically (inbound connections).
- Open or close a specific port: The wizard provides the option of blocking ports completely or enabling them for a particular application only (e.g. CRM software).
- Add one or more default rules: Add rules from the default rule set to the selected rule set.
- Copy an existing rule