ESET Endpoint Security – Table of Contents

Adding or editing Firewall rules

Copy current article URL Share via email

This article (PDF) Whole documentation (PDF)

Firewall Rules represent conditions used to meaningfully test all network connections and actions assigned to these conditions. Editing or adding Firewall rules may be required when the network settings change (for example, the network address or port number for the remote side changes) to ensure the correct operation of an application affected by a rule. An experienced user should create custom Firewall rules.

You can add or edit Firewall rules in Protections > Network Access Protection > Firewall > Rules > Edit. In the Firewall rules window, click Add or Edit.

Name—Type a name for the rule.

Enabled—Click the toggle to make the rule active.

Add actions and conditions for the Firewall rule:

Action

Action—Select if you want to Allow/Block the communication which matches the conditions defined in this rule or if you want ESET Security Ultimate to Ask every time the communication establishes.

Log rule—If the rule is applied, it will be recorded in Log files.

Logging severity—Select the severity of the log record for this rule.

Notify user—Displays a notification when the rule is applied.

OS

Select operating system.

Application

Specify an application where this rule will be applied.

Application path—Specify the application's full path. Do NOT type the name of the application alone.

Application signature—You can apply the rule to applications based on their signatures (publisher's name). Select from the drop-down menu if you want to apply the rule to applications with Any valid signature or to applications Signed by a specific signer. If you select applications Signed by a specific signer, you must define the signer in the Name of signer field.

App Store application—Select an application installed from the App Store in the drop-down menu.

Service—You can select a system service instead of an application.

Apply to child processes—Some applications may run more processes while you see only one application window. Click the toggle to enable the rule for every process in the specified application.

Direction

Select the Direction of communication for this rule:

Both—Inbound and outbound communication

In—Inbound communication only

Out—Outbound communication only

IP protocol

Select a Protocol from the drop-down menu if you only want this rule to apply to a specific protocol.

Local host

Local addresses, address range or subnet where this rule is applied. If there is no address specified, the rule will apply to all communication with local hosts. You can add IP addresses, address ranges or subnets directly into the IP text field or select from existing IP sets by clicking Edit next to IP sets.

Local port

Local Port number(s). If no numbers are supplied, the rule will apply to any port. You can add a single communication port or a range of communication ports.

Remote host

Remote address, address range or subnet where this rule is applied. If no address is specified, the rule will apply to all communication with remote hosts. You can add IP addresses, address ranges or subnets directly into the IP text field or select from existing IP sets by clicking Edit next to IP sets.

Remote port

Remote Port number(s). If no numbers are supplied, the rule will apply to any port. You can add a single communication port or a range of communication ports.

Profile

A Firewall rule can be applied to specific Network connection profiles.

Any—The rule will be applied to any network connection despite the used profile.

Selected—The rule will be applied to a specific network connection based on the selected profile. Select the check box next to the profiles you want to select.

˄˅