User guide

4.2.3.2 Editing rules
A rule must be modified each time any of the monitored parameters change. Otherwise, the rule can no longer fulfill its
conditions and the specified action cannot be applied. If parameters have changed, the given connection may be
refused, which can cause problems with the operation of the application in question. An example is a change of network
address or port number on the remote side.
The upper part of the window contains three tabs:
General - Specify a rule name, the direction of the connection, the action, the protocol and the profile to which the
rule will apply.
Local - Displays information about the local side of the connection, including the number of the local port or port
range and the name of the communicating application.
Remote - This tab contains information about the remote port (port range). It also allows you to define a list of
remote IP addresses or zones for a given rule.
Protocol represents the transfer protocol used for the rule. Click Select protocol... to open the Protocol selection
window.
All rules are enabled For every profile by default. Alternatively, select a custom firewall profile using the Profiles...
button.
If you click Log, the activity connected with the rule will be recorded in a log. The Notify user option displays a
notification when the rule is applied.
At the bottom of all three tabs is a summary of the rule. You will see the same information if you click the rule in the
main window (Tools > Network connections; right-click the rule and enable the Show details option (see chapter
Network connections)).
When creating a new rule, you have to enter a name for the rule into the Name field. Select the direction to which the
rule applies from the Direction drop-down menu. Select the action to be executed when a communication meets the
rule from the Action drop-down menu.
A good example of adding a new rule is allowing your Internet browser to access the network. In this example, the
following must be configured:
In the General tab, enable outgoing communication via the TCP and UDP protocol.
Add the process representing your browser application (for Internet Explorer it is iexplore.exe) in the Local tab.
In the Remote tab, enable port number 80 only if you wish to allow standard Internet browsing activities.
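
The following is an added example, not part of the product or its documentation: a simplified Python model of how a rule's General, Local and Remote conditions are matched against a connection, showing why a connection stops matching once its remote port, remote address or application changes. All names (Rule, ZONES, evaluate, conn), the first-match order and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Hypothetical zone table: a zone is a named list of network addresses (constructed sample).
ZONES = {"Trusted zone": ["192.168.1.0/24"]}

@dataclass
class Rule:
    name: str
    direction: str               # General tab: "out" or "in"
    action: str                  # General tab: "allow" or "deny"
    protocols: set               # General tab: e.g. {"TCP", "UDP"}
    application: str = None      # Local tab: process name, None = any
    remote_ports: tuple = None   # Remote tab: (low, high), None = any
    remote: list = field(default_factory=list)  # Remote tab: CIDRs or zone names, empty = any

    def matches(self, c):
        if c["direction"] != self.direction or c["protocol"] not in self.protocols:
            return False
        if self.application and c["application"].lower() != self.application.lower():
            return False
        if self.remote_ports and not (self.remote_ports[0] <= c["remote_port"] <= self.remote_ports[1]):
            return False
        if self.remote:
            addr = ipaddress.ip_address(c["remote_ip"])
            # Expand zone names into their address lists; anything else is a literal network.
            nets = [n for entry in self.remote for n in ZONES.get(entry, [entry])]
            return any(addr in ipaddress.ip_network(n) for n in nets)
        return True

def evaluate(rules, c):
    """Return the action of the first matching rule, or None when no rule applies
    (assumed order; the unmatched connection is then not covered by any rule)."""
    for rule in rules:
        if rule.matches(c):
            return rule.action
    return None

# The browser rule from the example above: outgoing TCP/UDP, iexplore.exe, remote port 80.
BROWSER_RULE = Rule("Allow browser", "out", "allow", {"TCP", "UDP"},
                    application="iexplore.exe", remote_ports=(80, 80))

def conn(port, app="iexplore.exe", ip="203.0.113.10", proto="TCP"):
    """Build a constructed sample outgoing connection."""
    return {"direction": "out", "protocol": proto, "application": app,
            "remote_port": port, "remote_ip": ip}

if __name__ == "__main__":
    for c in (conn(80), conn(8080), conn(80, app="other.exe")):
        print(c["application"], c["remote_port"], "->", evaluate([BROWSER_RULE], c))
```

Only the first sample connection matches the rule; the other two differ in one monitored parameter and fall outside it, which is the situation that requires editing the rule.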
4.2.4 Configuring zones
In the Zone setup window you can specify the zone name, description, network address list and zone authentication
(see also Zone authentication Client configuration).
A zone represents a collection of network addresses which create one logical group. Each address in a given group is
assigned similar rules defined centrally for the whole group. One example of such a group is the Trusted zone. The
Trusted zone represents a group of network addresses which are fully trusted and not blocked by the Personal firewall
in any way.
These zones can be configured using the Zones tab in the Zone and rule setup window, by clicking the Edit button.
Enter a Name for the zone, a Description, and add a remote IP address by clicking the Add IPv4/IPv6 address button.
4.2.4.1 Network authentication
For mobile computers, it is recommended that you verify the credibility of the network that you are
connecting to. The Trusted zone is identified by the local IP address of the network adapter. Mobile computers often
enter networks with IP addresses that are similar to the trusted network. If the Trusted zone settings are not manually
switched to Public network, the Personal firewall will continue to use the Home/work network mode.
To prevent this type of situation, we recommend using zone authentication.