About firewall rules

Article:HOWTO55261  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO55261
Article Type
How To


Subject


About firewall rules

Firewall rules are the policy components that control how the firewall protects computers from malicious incoming traffic and applications. The firewall checks all incoming packets and outgoing packets against the rules that you enable. It allows or blocks the packets based on the conditions that you specify in the firewall rule.

You can enable and disable firewall rules. The firewall does not inspect disabled rules.

Symantec Endpoint Protection installs with a default firewall policy that contains default rules. When you create a new firewall policy, Symantec Endpoint Protection provides default firewall rules. You can modify any of the default rules or create new firewall rules.

You must have at least one rule in a policy. But you can have as many rules as you need. You can enable or disable rules as needed. For example, you might want to disable a rule to perform troubleshooting and enable it when you are done.

Table: About firewall rules describes what you need to know about firewall rules.

Table: About firewall rules

Subject

Description

The difference between server rules and client rules

You should be familiar with the relationship between the client's user control level and the user's interaction with the firewall rules.

See About firewall server rules and client rules.

The order in which Symantec Endpoint Protection processes firewall rules

Understand how to order rules to ensure that the most restrictive rules are evaluated first and the most general rules are evaluated last.

See About the firewall rule, firewall setting, and intrusion prevention processing order.

What inherited rules are

You should be familiar with the implications of inheriting rules from a parent group and how inherited rules are processed.

See About inherited firewall rules.

What stateful inspection is

Symantec Endpoint Protection uses stateful inspection, which eliminates the need for you to create additional rules. You can learn what stateful inspection is and how it protects your network from threats.

See How the firewall uses stateful inspection.

About firewall rule triggers

Learn how firewall triggers can help protect your clients and servers.

When you understand about these triggers and how you can best use them, you can customize your firewall rules accordingly.

See About firewall rule application triggers.

See About firewall rule host triggers.

See About firewall rule network services triggers.

See About firewall rule network adapter triggers.

See Managing firewall protection

See Setting up firewall rules


Legacy ID



v44982524_v59371754


Article URL http://www.symantec.com/docs/HOWTO55261


Terms of use for this information are found in Legal Notices