User guide

4.2.3.2 Editing rules
A rule must be modified each time any of the monitored parameters change. Otherwise the rule can no longer fulfill
its conditions and the specified action cannot be applied. When parameters have changed, the connection in question
may be refused, which can cause problems with the operation of the affected application. An example is a change of
network address or port number on the remote side.
The upper part of the window contains three tabs:
General: Specify a rule name, the direction of the connection, the action, the protocol and the profile to which
the rule will apply.
Local: Displays information about the local side of the connection, including the number of the local port or port
range and the name of the communicating application.
Remote: This tab contains information about the remote port (port range). It also allows you to define a list of
remote IP addresses or zones for a given rule.
Protocol represents the transfer protocol used for the rule. Click Select protocol... to open the Protocol selection
window.
All rules are enabled For every profile by default. Alternatively, select a custom firewall profile using the Profiles...
button.
If you click Log, the activity connected with the rule will be recorded in a log. Notify user displays a notification
when the rule is applied.
At the bottom of all three tabs is a summary of the rule. You will see the same information if you click the rule in the
main window (Tools > Network connections; right-click the rule and select Show details; see chapter Network
connections).
When creating a new rule, you have to enter a name for the rule into the Name field. Select the direction to which
the rule applies from the Direction drop-down menu. Select the action to be executed when a communication
meets the rule from the Action drop-down menu.
A good example of adding a new rule is allowing your Internet browser to access the network. In this example, the
following must be configured:
In the General tab, enable outgoing communication via the TCP and UDP protocols.
Add the process representing your browser application (for Internet Explorer it is iexplore.exe) in the Local tab.
In the Remote tab, enable port number 80 only if you wish to allow standard Internet browsing activities.
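The following added example is a simplified model of rule matching, not the product's own code. It builds the browser rule described above and shows how a connection stops matching once a monitored parameter (here the remote port) changes. Assumptions: the class and function names are hypothetical, the first matching rule wins, and unmatched traffic is refused.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Connection:
    direction: str      # "out" or "in"
    protocol: str       # "TCP" or "UDP"
    application: str    # executable name of the local process
    remote_ip: str
    remote_port: int

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str
    action: str               # "allow" or "deny"
    protocols: frozenset      # protocols chosen on the General tab
    application: str          # process chosen on the Local tab
    remote_ports: range       # port or port range from the Remote tab
    remote_zone: tuple = ()   # networks of a zone; empty = any remote address

    def matches(self, c: Connection) -> bool:
        ip = ipaddress.ip_address(c.remote_ip)
        in_zone = not self.remote_zone or any(
            ip in ipaddress.ip_network(net) for net in self.remote_zone)
        # Every monitored parameter must agree, otherwise the rule is skipped.
        return (c.direction == self.direction
                and c.protocol in self.protocols
                and c.application.lower() == self.application.lower()
                and c.remote_port in self.remote_ports
                and in_zone)

def decide(rules, conn, default="deny"):
    """Return (action, rule name); evaluation order and default are assumed."""
    for rule in rules:
        if rule.matches(conn):
            return rule.action, rule.name
    return default, None

# Constructed sample data: the browser rule from the text (outgoing, TCP/UDP, port 80).
BROWSER_RULE = Rule("Allow browser HTTP", "out", "allow",
                    frozenset({"TCP", "UDP"}), "iexplore.exe", range(80, 81))

def demo():
    http = Connection("out", "TCP", "iexplore.exe", "192.0.2.10", 80)
    moved = Connection("out", "TCP", "iexplore.exe", "192.0.2.10", 8080)  # port changed
    return decide([BROWSER_RULE], http), decide([BROWSER_RULE], moved)

if __name__ == "__main__":
    print(demo())
```

The second connection differs only in its remote port, yet the rule no longer applies to it, which is the situation that requires editing the rule.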
4.2.4 Configuring zones
In the Zone setup window you can specify the zone name, description, network address list and zone authentication
(see also Zone authentication – Client configuration).
A zone represents a collection of network addresses that create one logical group. Each address in a given group is
assigned similar rules defined centrally for the whole group. One example of such a group is the Trusted zone. The
Trusted zone represents a group of network addresses which are fully trusted and not blocked by the Personal
firewall in any way.
These zones can be configured using the Zones tab in the Zone and rule setup window by clicking the Edit button.
Enter a Name for the zone, a Description, and add a remote IP address by clicking the Add IPv4/IPv6 address button.