The list of rules contains every rule defined as an exception for this rule set. This means, for example, that selected programs can be authorised for specific network accesses even though the network as a whole is classified as untrustworthy. The rules listed here may have been created in several ways:
•Via the Rule wizard
•Directly using the advanced editing mode via the New button
•Using the dialogue in the info box displayed when the firewall alarm is triggered.
Of course, each rule set has its own list of rules.
Since the firewall rules are partly nested hierarchically, the rank of a rule in the list matters: when more than one rule applies to the same connection, the rank decides which one takes effect. For example, a port that you have opened may still be blocked because another rule denies the protocol used on that port. If a rule does not have the effect you expect, check its rank first. To change the rank of a rule, highlight it with the mouse and use the arrow buttons under Rank to move it up or down the list.
If you create a new rule using the advanced editing mode or modify an existing rule using the Edit dialogue, the Edit rule dialogue appears with the following adjustment options:
•Name: For default and automatically generated rules, this displays the program name to which the relevant rule applies. You can also use the Edit button at any time to change the name or add further information.
•Rule enabled: You can disable a rule without actually deleting it by deactivating the checkbox.
•Remark: This indicates how the rule was created. Default rule is listed next to rules preset for the rule set; generated in response to alert is listed next to rules that arise from the dialogue from the Firewall alarm; and for rules that you generate yourself via the advanced editing mode you can insert your own comment.
•Direction of connection: With Direction, you specify whether the selected rule applies to incoming connections, to outgoing connections, or to both.
•Access: This specifies if access is to be permitted or denied for the relevant program within this rule set.
•Protocol: This allows you to select the connection protocols for which access is to be permitted or denied. You can block or enable a protocol in general, or tie the use of a protocol to one or more specific applications (Match to applications). Similarly, you can use the Match to Internet service button to specify the ports that the rule does or does not apply to.
•Time window: You can also restrict access to network resources to certain times, for example so that the network can only be accessed during your normal working day and is blocked at all other times. The window is checked against the computer's clock, so the system time must be correct for it to work as intended.
•IP address space: It is advisable to limit a rule to a defined IP address range, especially on networks with fixed IP addresses. Connections from addresses outside the range do not match the rule, so a narrowly defined range noticeably reduces the exposure to attack. Choose the smallest range that covers the systems that genuinely need access, and bear in mind that an address restriction is not authentication: an attacker who already has an address inside the permitted range is not stopped by it.
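The following Python script is an added illustration of how rank and the rule fields described above (direction, access, protocol and ports, time window, IP address range) combine to produce an allow or deny decision. It is not the product's own code. It assumes first-match semantics (rules are checked from the top of the list and the first enabled rule that matches decides); the class and field names, the sample rules and the sample addresses and times are all constructed for the example.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple

# Added illustration, not the firewall's own code. ASSUMPTION: first-match
# semantics (list order == rank; the first enabled matching rule decides).
# Field names mirror the labels of the Edit rule dialogue.


@dataclass
class Connection:
    direction: str      # "in" or "out"
    protocol: str       # "tcp" or "udp"
    port: int
    remote_ip: str
    at: time            # local time at which the connection is attempted


@dataclass
class Rule:
    name: str
    access: str                                      # "allow" or "deny"
    enabled: bool = True                             # "Rule enabled" checkbox
    direction: str = "both"                          # "in", "out" or "both"
    protocol: Optional[str] = None                   # None = any protocol
    ports: Optional[Set[int]] = None                 # "Match to Internet service"; None = any port
    time_window: Optional[Tuple[time, time]] = None  # (start, end); None = always
    ip_space: Optional[str] = None                   # CIDR; None = any address

    def matches(self, conn: Connection) -> bool:
        if self.direction != "both" and self.direction != conn.direction:
            return False
        if self.protocol is not None and self.protocol != conn.protocol:
            return False
        if self.ports is not None and conn.port not in self.ports:
            return False
        if self.time_window is not None:
            start, end = self.time_window
            # A window whose end lies before its start spans midnight (e.g. 22:00-06:00).
            if start <= end:
                inside = start <= conn.at <= end
            else:
                inside = conn.at >= start or conn.at <= end
            if not inside:
                return False
        if self.ip_space is not None and ip_address(conn.remote_ip) not in ip_network(self.ip_space):
            return False
        return True


def evaluate(rules: List[Rule], conn: Connection, default: str = "deny") -> str:
    """Return the decision of the highest-ranked enabled rule that matches the connection."""
    for rule in rules:                      # list order is the rank shown in the dialogue
        if rule.enabled and rule.matches(conn):
            return rule.access
    return default                          # no rule matched: fall back to the rule set's default


# Constructed sample rules: HTTPS allowed only during office hours and only to the
# (assumed) office subnet, plus a blanket deny for TCP.
ALLOW_HTTPS = Rule(
    name="Allow HTTPS (office hours, office subnet)",
    access="allow",
    direction="out",
    protocol="tcp",
    ports={443},
    time_window=(time(8, 0), time(18, 0)),
    ip_space="192.0.2.0/24",            # documentation range, standing in for the office network
)
DENY_TCP = Rule(name="Deny all TCP", access="deny", protocol="tcp")

# Constructed sample connections.
HTTPS_AT_NOON = Connection("out", "tcp", 443, "192.0.2.10", time(12, 0))
HTTPS_AT_NIGHT = Connection("out", "tcp", 443, "192.0.2.10", time(23, 30))
HTTPS_OFF_NET = Connection("out", "tcp", 443, "198.51.100.7", time(12, 0))


def rank_matters() -> dict:
    """The same two rules in both orders: the rank alone decides whether HTTPS gets through."""
    return {
        "deny_first": evaluate([DENY_TCP, ALLOW_HTTPS], HTTPS_AT_NOON),   # "deny"
        "allow_first": evaluate([ALLOW_HTTPS, DENY_TCP], HTTPS_AT_NOON),  # "allow"
    }


if __name__ == "__main__":
    print(rank_matters())
    print("outside office hours:", evaluate([ALLOW_HTTPS, DENY_TCP], HTTPS_AT_NIGHT))
    print("outside IP range:", evaluate([ALLOW_HTTPS, DENY_TCP], HTTPS_OFF_NET))
```

With the deny rule ranked above the allow rule, the HTTPS connection is blocked even though a rule explicitly permits port 443; moving the allow rule up lets it through. The same allow rule stops matching, and the deny takes over, as soon as the connection falls outside the time window or the IP address range, which is what makes those two fields effective restrictions rather than decoration.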