By default, Kaspersky Security groups all applications that are installed in the operating system of the protected virtual machine by the name of the vendor of the software whose file or network activity it monitors. Application groups are in turn categorized into trust groups. All applications and application groups inherit properties from their parent group: application control rules, application network rules, and their execution priority.
The Firewall component creates a set of network rules for each group of applications that Kaspersky Security detected on the protected virtual machine, and applies network rules for a group of applications to filter the network activity of all applications that belong to the group. The application group network rules define the rights of applications within the group to access different network connections.
You can change the Firewall action that is applied to the application group network rules that are created by default. You cannot edit, remove, disable, or change the priority of application group network rules that are created by default.
You can also change the Firewall action for the network rules of an application that are inherited from the parent group of applications to which the application belongs. You cannot edit, remove, disable, or change the priority of the application network rules that are inherited from the parent group of applications.
You can also create network rules for an individual application. According to these network rules, Firewall will control access of this application to various network connections. A network rule for an application has a higher priority than the network rule of the group to which the application belongs.
You can change the Firewall action for inherited application network rules. You cannot edit, remove, disable, or change the priority of the application network rules that are inherited from the parent group of applications.
You can perform the following actions while managing network rules: