When you define host triggers, you specify the host on both sides of the described network connection.
Traditionally, the way to express the relationship between hosts is referred to as being either the source or destination of a network connection.
You can define the host relationship in either one of the following ways:
Source and destination
The source host and destination host is dependent on the direction of traffic. In one case the local client computer might be the source, whereas in another case the remote computer might be the source.
The source and the destination relationship is more commonly used in network-based firewalls.
Local and remote
The local host is always the local client computer, and the remote host is always a remote computer that is positioned elsewhere on the network. This expression of the host relationship is independent of the direction of traffic.
The local and the remote relationship is more commonly used in host-based firewalls, and is a simpler way to look at traffic.
You can define multiple source hosts and multiple destination hosts. The hosts that you define on either side of the connection are evaluated by using an OR statement. The relationship between the selected hosts is evaluated by using an AND statement.
For example, consider a rule that defines a single local host and multiple remote hosts. As the firewall examines the packets, the local host must match the relevant IP address. However, the opposing sides of the address may be matched to any remote host. For example, you can define a rule to allow HTTP communication between the local host and either symantec.com, yahoo.com, or google.com. The single rule is the same as three rules.