Configuring and using rules

Rules represent a set of conditions used to meaningfully test all network connections and all actions assigned to these conditions. Using Firewall rules, you can define the action that is taken when different types of network connections are established. To access the rule filtering setup, navigate to Advanced setup (F5) > Firewall > Advanced. Some of predefined rules are bound to the check boxes from allowed services (IDS and advanced options) and they can not be turned off directly, instead you can use those related check boxes to do it.

Unlike the previous version of ESET Internet Security, rules are evaluated from top to bottom. The action of the first matching rule is used for each network connection being evaluated. This is an important behavioral change from the previous version, in which the priority of rules was automatic and more specific rules had higher priority then more general ones.

Connections can be divided into incoming and outgoing connections. Incoming connections are initiated by a remote computer attempting to establish a connection with the local system. Outgoing connections work in the opposite way – the local system contacts a remote computer.

If a new unknown communication is detected, you must carefully consider whether to allow or deny it. Unsolicited, unsecured or unknown connections pose a security risk to the system. If such a connection is established, we recommend that you pay particular attention to the remote computer and the application attempting to connect to your computer. Many infiltrations try to obtain and send private data, or download other malicious applications to host workstations. The Firewall allows you to detect and terminate such connections.