About network rules

A network rule is an allow or block action that Firewall performs when it detects a network connection attempt. Configuring network rules lets you specify the desired level of virtual machine protection, from blocking Internet access for all applications to allowing unlimited access.

Firewall protects a virtual machine on two levels: the network level and the application level. Protection at the network level is provided by applying rules for network packets (network packet rules). Protection at the application level is provided by applying rules that govern how applications installed on the protected virtual machine can access network resources (network rules for applications).

Based on the two levels of Firewall protection, you can create the following rule types:

Network packet rules have a higher priority than network rules for applications. If both network packet rules and network rules for applications are specified for the same type of network activity, the network activity is handled according to the network packet rules.

You can set a custom priority for each network packet rule and application network rule.

The network rules for applications do not take into account the following filter settings specified at the network level:

Because network-level and application-level rules are applied together, network traffic may be blocked at the application level even if it is allowed at the network level.
