Firewall rules are sets of conditions used to test all network connections, together with the actions assigned to those conditions. You may need to edit or add Firewall rules when network settings change (for example, when the network address or port number of the remote side changes) so that an application affected by a rule continues to work correctly. Custom Firewall rules should be created by an experienced user.
To add or edit a Firewall rule, open Advanced setup > Protections > Network access protection > Firewall > Rules > Edit. In the Firewall rules window, click Add or Edit.
Name—Type a name for the rule.
Enabled—Enable the toggle to make the rule active.
Add actions and conditions for the Firewall rule:
Action
Action—Select whether to Allow or Block communication that matches the conditions defined in this rule, or to have ESET Endpoint Security Ask every time the communication is established.
Log rule—If the rule is applied, it will be recorded in Log files.
Logging severity—Select the severity of the log record for this rule.
Notify user—Displays a notification when the rule is applied.
Application
Specify an application for which this rule will be applied.
Application path—Click ... and navigate to an application or enter the full path to the application (for example C:\Program Files\Firefox\Firefox.exe). Do NOT enter the name of the application alone.
Application signature—You can apply the rule to applications based on their signatures (publisher name). Select from the drop-down menu if you want to apply the rule to applications with Any valid signature or to applications Signed by a specific signer. If you select applications Signed by a specific signer, you need to define the signer in the Name of signer field.
Microsoft Store application—Select an application installed from Microsoft Store from the drop-down menu.
Service—You can select a system service instead of an application. Open the drop-down menu to select a service.
Apply to child processes—Some applications run multiple processes even though you see only one application window. Enable this toggle to ensure that the rule applies to every process of the specified application.
Direction
Select the Direction of communication to which this rule will apply:
- Both—Inbound and outbound communication.
- In—Inbound communication only.
- Out—Outbound communication only.
IP protocol
Select a Protocol from the drop-down menu if you want this rule to apply only to a specific protocol.
Local host
Local address, address range or subnet to which this rule applies. If no address is specified, the rule applies to all communication with local hosts. You can add IP addresses, address ranges or subnets directly in the IP text field, or select from existing IP sets by clicking Edit next to IP sets.
Local port
Local port number(s). If no numbers are supplied, the rule applies to any port. You can add a single communication port or a range of communication ports.
Remote host
Remote address, address range or subnet to which this rule applies. If no address is specified, the rule applies to all communication with remote hosts. You can add IP addresses, address ranges or subnets directly in the IP text field, or select from existing IP sets by clicking Edit next to IP sets.
Remote port
Remote port number(s). If no numbers are supplied, the rule applies to any port. You can add a single communication port or a range of communication ports.
Profile
A Firewall rule can be applied to specific Network connection profiles.
Any—The rule will be applied to any network connection, regardless of the profile used.
Selected—The rule will be applied to a specific network connection based on the selected profile. Select the check box next to the profiles you want to select.
In this example, we create a new rule that allows the Firefox web browser to access websites on the internet and the local network:
- In the Action section, select Action > Allow.
- In the Application section, specify the Application path of the web browser (for example C:\Program Files\Firefox\Firefox.exe). Do NOT enter the name of the application alone.
- In the Direction section, select Direction > Out.
- In the IP protocol section, select TCP & UDP from the Protocol drop-down menu.
- In the Remote port section, add Port numbers: 80,443 to allow standard browsing.
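The Firefox rule above and the "empty field means any" behavior of the conditions, modeled in Python as an added illustration; this is not ESET code and does not describe how the product evaluates rules internally. The field names, the connection dictionary, the `a-b` port range syntax and the sample connection values are assumptions made for the example.

```python
# Simplified model of the rule conditions described on this page.
# NOT ESET's engine: field names and the "a-b" range syntax are assumptions.
import ipaddress
from dataclasses import dataclass

def parse_ports(spec):
    """'80,443' or '8000-8100' -> set of ints; empty spec -> None (any port)."""
    ports = set()
    for part in filter(None, (p.strip() for p in spec.split(","))):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports or None

@dataclass
class Rule:
    action: str                 # "Allow", "Block" or "Ask"
    app_path: str = ""          # full path; empty = any application
    direction: str = "Both"     # "In", "Out" or "Both"
    protocols: tuple = ()       # e.g. ("TCP", "UDP"); empty = any protocol
    remote_host: str = ""       # address or subnet; empty = any remote host
    remote_ports: str = ""      # empty = any port

    def matches(self, c):
        if self.app_path and self.app_path.lower() != c["app"].lower():
            return False        # Windows paths compared case-insensitively
        if self.direction != "Both" and self.direction != c["direction"]:
            return False
        if self.protocols and c["protocol"] not in self.protocols:
            return False
        if self.remote_host:
            net = ipaddress.ip_network(self.remote_host, strict=False)
            if ipaddress.ip_address(c["remote_ip"]) not in net:
                return False
        ports = parse_ports(self.remote_ports)
        return ports is None or c["remote_port"] in ports

# The Firefox rule from the example above.
FIREFOX_RULE = Rule("Allow", r"C:\Program Files\Firefox\Firefox.exe",
                    "Out", ("TCP", "UDP"), remote_ports="80,443")

def conn(app, direction, protocol, remote_ip, remote_port):
    """Build a constructed sample connection (all values are illustrative)."""
    return dict(app=app, direction=direction, protocol=protocol,
                remote_ip=remote_ip, remote_port=remote_port)

if __name__ == "__main__":
    web = conn(FIREFOX_RULE.app_path, "Out", "TCP", "203.0.113.10", 443)
    print(FIREFOX_RULE.matches(web))                           # True
    print(FIREFOX_RULE.matches({**web, "remote_port": 8080}))  # False
    print(Rule("Allow").matches({**web, "remote_port": 8080})) # True: no conditions set
```

The last line shows why every condition left empty widens the rule: an Allow rule with no application, direction, protocol, host or port matches every connection in this model.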
Pre-defined rules can be modified in a limited way.