Configuring Firewall

You can configure the following Firewall options:

Select the operation mode

List authorized applications

Configure parameters for the known networks

Note

To access the Firewall parameters, you are prompted to enter the password if you have enabled the Protect Dr.Web settings with a password option in the settings.

By default, Firewall does not automatically create rules for known applications. Regardless of the operation mode, events are logged.

The default settings are optimal for most cases. Do not change them unnecessarily.

To select an operation mode and open Firewall parameters

1.Make sure Dr.Web operates in administrator mode (the lock at the bottom of the program window is open ). Otherwise, click the lock .

2.Click the Firewall tile. A component parameters window opens.

Figure 42. Firewall parameters

The Allow local connections option allows all applications on you computer to interconnect (i.e., allow unlimited local connections (to or from 127.0.0.1 interface (localhost)) between applications installed on your computer). This option is applied after verifying that the connections match the set rules. Disable this option to apply filtering rules to connections carried out both through the network and within your computer.

Selecting an operation mode

Select one of the following operation modes:

Operation mode

Description

Allow connections for trusted applications

This mode is used by default.

In this mode, all trusted applications are allowed to access network resources, including the internet. Among trusted applications are system applications, applications with Microsoft certificate, and applications with a valid digital signature. Rules for such applications are not displayed in the rule list. For other applications, Firewall prompts you to allow or block once the unknown connection manually, as well as create a new rule for it.

When a user application or operating system attempts to connect to a network, Firewall checks whether filtering rules have been created for the application. If no filtering rules have been set, you are prompted to select a temporary solution or create a rule to be applied each time this type of connection is detected.

Allow unknown connections

In this mode, Firewall allows all unknown applications for which filtering rules have not been set to access network resources, including the internet. No notification on access attempt is displayed by Firewall.

Interactive learning mode

In this mode, you have total control over Firewall reaction to the detection of unknown connections.

When a user application or operating system attempts to connect to a network, Firewall checks whether filtering rules have been created for the application. If no filtering rules have been set, you are prompted to select a temporary solution or create a rule to be applied each time this type of connection is detected.

Block unknown connections

In this mode, Firewall automatically blocks all unknown connections to network resources, including the internet.

When a user application or the operating system attempts to connect to a network, Firewall checks whether filtering rules have been created for the application. If there are no filtering rules, Firewall blocks network access for the application without displaying any notification to the user. If filtering rules for the application are set, Firewall processes the connection according to the specified actions.