ESET Online Help

Search English
Select the topic

Network Access Protection

Network Connection Profile Assignment

The network connection profile is assigned automatically.

Network Connection Profiles

Network connection profiles enable you to apply firewall rules to specific categories of network connections. A network connection also inherits a profile's properties, such as trust. You can use built-in or create custom profiles, both are assigned to network connections automatically. When a profile is active on a network connection, only the global rules (rules with no profile specified) and the rules that have been assigned to that profile are applied to it. You can create multiple profiles with different rules assigned to network connections to alter Firewall behavior easily.

Private Network Connection Profile

A profile for trusted, home or office networks, enabling file and resource sharing between devices and providing a more seamless and collaborative network experience.

Public Network Connection Profile

A profile for public or untrusted network environments, which prioritizes security and restricts sharing of files and resources with other devices on the network.

Add or edit Network Connection Profiles

Network connection profiles can be configured by clicking Edit. You can Edit, Remove or Copy existing profiles, or create a new one by clicking Add and specifying all fields as listed below:

Name—Custom name for your profile.

Description—Description of the profile to help identify the profile.

Always trusted addresses—Addresses defined here are added to the trusted zone of the network connection to which this profile is applied (regardless of the network's protection type).

Trusted connection—Your computer and shared files stored on your computer are visible to other network users, and system resources are accessible to other users on the network (access to shared files and printers is enabled, incoming RPC communication is enabled and remote desktop sharing is available). We recommend using this setting when creating a profile for a secure local network connection. All directly connected network subnets are also considered trusted. For example, if a network adapter is connected to this network with the IP address 192.168.1.5 and the subnet mask is 255.255.255.0, the subnet 192.168.1.0/24 is added to that network connection trusted zone. If the adapter has more addresses/subnets, all of them will be trusted.

Activators—Custom conditions that must be met to assign this network connection profile to a network connection. If the connected network has the same attributes as defined in activators for a connected network profile, the profile will be applied to the network. A network connection profile can have one or multiple activators. If there are multiple activators, the OR logic applies (at least one condition must be met).

important

Creating custom network connection profiles should be done by an experienced user.

IP sets

An IP set represents a collection of network addresses that create one logical group. IP sets can be configured by clicking Edit.

Pre-defined IP sets:

Trusted zone (The actual trusted zone is computed from these addresses and addresses specified in networks marked as trusted networks.)

Addresses excluded from IDS

TCP/UDP ports visibility zone (Addresses notified about unavailability of TCP/UDP ports.)

DNS servers

Local addresses

Local subnet

Private addresses

Trusted reverse proxies (The list of proxies for which the product is allowed to take the source IP from the X-Forwarded-For header.)

Local virtual machines (Subnets assigned to virtual adapters connected to internal virtual switches.)

Firewall