Kaspersky Embedded Systems Security for Linux
3.4.0
English

Contents

Firewall Management in the Web Console

In the Web Console, you can configure Firewall Management settings in the policy properties (Application settings Essential Threat Protection Firewall Management).

Firewall Management settings

Setting

Description

Firewall Management enabled / disabled

This toggle button enables or disables Firewall Management.

The toggle button is switched off by default.

Network packet rules

Clicking the Configure network packet rules link opens the Network packet rules window. In this window, you can configure the list of network packet rules that are applied by the Firewall Management component when it detects the network connection attempt.

Available networks

Clicking the Configure available networks link opens the Available networks window. In this window, you can configure the list of networks that the Firewall Management component will monitor.

Incoming connections

In this drop-down list, you can select the action to be performed for incoming network connections:

  • Allow network connections (default value).
  • Block network connections.

Incoming packets

In this drop-down list you can select the action to be performed for incoming packets:

  • Allow incoming packets (default value).
  • Block incoming packets.

Always add allowing rules for Network Agent ports

This check box enables or disables automatic adding allowing rules for Network Agent ports.

The check box is selected by default.

Page top

[Topic 197245]

Network packet rules window

The Network packet rules table contains network packet rules that the Firewall Management component uses for network activity monitoring. You can configure the settings described in the table below for network packet rules.

Network packet rules settings

Setting

Description

Name

Network packet rule name.

Action

Action to be performed by Firewall Management when it detects the network activity.

Local addresses

Network addresses of devices that have Kaspersky Embedded Systems Security installed and can send and/or receive network packets.

Remote addresses

Network addresses of remote devices that can send and/or receive network packets.

Direction

Direction of the monitored network activity.

Protocol

Type of data transfer protocol for which network activity is monitored.

Local ports

Port numbers of local devices between which the connection is monitored.

Remote ports

Port numbers of remote devices between which the connection is monitored.

ICMP type

ICMP type. The Firewall Management component monitors messages of the specified type sent by a host or gateway.

ICMP code

ICMP code. The Firewall Management component monitors messages of the type specified in the ICMP type field and the code specified in the ICMP code field, sent by a host or gateway.

Logging

This column shows if the application logs actions of the network packet rule.

If the value is Yes, the application logs the actions of the network packet rule.

If the value is No, the application does not log the actions of the network packet rule.

By default, the table of network packet rules is empty.

You can add, edit, delete, move up, and move down network packet rules in the table.

Clicking the Move down button moves the selected item down in the table.

This button is available if only one item is selected in the table.

Clicking the Move up button moves the selected item up in the table.

This button is available if only one item is selected in the table.

Clicking the Delete button removes the selected item from the table.

This button is available if at least one item is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Page top
[Topic 276349]

Network packet rule window

In this window, you can configure the network packet rule.

Network packet rule settings

Setting

Description

Rule name

The field for entering the name of the network packet rule.

Action

In the drop-down list, you can select an action to be performed by the Firewall Management component when it detects network activity:

  • Block network activity.
  • Allow network activity (default value).

Protocol

In the drop-down list, you can select the type of data transfer protocol for which you want to monitor network activity:

  • Any (default value)
  • GRE
  • ICMP
  • ICMPv6
  • IGMP
  • TCP
  • UDP

Specify ICMP type

This check box lets you specify the ICMP type. The Firewall Management component monitors messages of the specified type sent by the host or gateway.

If this check box is selected, the field for entering the ICMP type is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Specify ICMP code

This check box lets you specify the ICMP code. The Firewall Management component monitors messages of the type specified in the field under the ICMP type check box, with the code specified in the field under the ICMP code check box, and sent by the host or gateway.

If this check box is selected, the field for entering the ICMP code is displayed.

This check box is displayed only if ICMP or ICMPv6 data transfer protocol is selected in the Protocol drop-down list. It is available only if the Specify ICMP type check box is selected.

This check box is cleared by default.

Direction

In this drop-down list, you can specify the direction of the monitored network activity:

  • Incoming packets (default value). If this option is selected, the Firewall Management component monitors incoming packets.
  • Incoming. If this option is selected, the Firewall Management component monitors incoming network activity.
  • Incoming/Outgoing. If this option is selected, the Firewall Management component monitors both incoming and outgoing network activity.
  • Incoming/Outgoing packets. If this option is selected, the Firewall Management component monitors both incoming and outgoing packets.
  • Outgoing packets. If this option is selected, the Firewall Management component monitors outgoing packets.
  • Outgoing. If this option is selected, the Firewall Management component monitors outgoing network activity.

Remote addresses

In this drop-down list, you can specify network addresses of the remote devices that can send and receive network packets:

  • Any address (default value). If this option is selected, the network rule controls network packets sent and received by remote devices with any IP address.
  • All subnet addresses. If this option is selected, the network rule controls network packets sent and received by remote devices with the IP addresses associated with the selected network type: Public networks, Local networks, or Trusted networks.
  • Specified address or address range. If this option is selected, the network rule controls the sending and receiving of network packets by remote devices with the IP addresses specified in the table below. You can specify multiple addresses at once. In this case, enter each address on a new line to make copying easier.

Specify remote ports

This check box allows you to specify the port numbers of the remote devices between which the connection must be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Local addresses

In this drop-down list, you can specify the network addresses of the devices with Kaspersky Embedded Systems Security installed that can send and receive network packets:

  • Any address (default value). If this item is selected, the network rule controls sending and receiving of network packets by the devices with Kaspersky Embedded Systems Security installed and with any IP address.
  • Specified address or address range. If this option is selected, the network rule controls the IP addresses of devices with Kaspersky Embedded Systems Security installed, specified in the table below, that can transmit and receive network packets. You can specify multiple addresses at once. In this case, enter each address on a new line to make copying easier.

Specify local ports

This check box allows you to specify the port numbers of the local devices between which the connection must be monitored.

If this check box is selected, the field for entering port numbers is displayed.

This check box is displayed only if TCP or UDP data transfer protocol is selected in the Protocol drop-down list.

This check box is cleared by default.

Log events

This check box lets you specify whether the actions of the network rule are recorded in the report.

If the check box is selected, the application writes the actions of the network rule to the report.

If the check box is cleared, the application does not write the actions of the network rule to the report.

This check box is cleared by default.

Page top

[Topic 202313]

Available networks window

The Available networks table contains the networks controlled by the Firewall Management component. The table of available networks is empty by default.

Available networks settings

Setting

Description

IP address

Network IP address.

Network type

Network type (Public network, Local network, or Trusted network).

You can add, edit, and delete available networks.

Clicking the Delete button removes the selected item from the table.

This button is available if at least one item is selected in the table.

The selected element's settings are changed in a separate window.

Clicking the Add button opens a window where you can specify the new item settings.

Page top

[Topic 210497]

Network connection window

In this window, you can configure the network connection that the Firewall Management component will monitor.

Network connection

Setting

Description

IP address

The field for entering IP address of the network.

Network type

You can select the type of the network:

  • Public
  • Local
  • Trusted

     

Page top

[Topic 214875]