I am using Quick Heal and wanted guidance to configure Firewall Protection.
Any guideline on this?
To configure Firewall Protection, follow these steps:
Ø Open Quick Heal Total Security.
Ø On the Quick Heal Total Security Dashboard, click Internet & Network.
Ø Turn Firewall Protection on or off by using the toggle button.
Ø However, Firewall Protection is turned on by default.
Ø To set Firewall Protection, click anywhere in the Firewall Protection area.
Ø To enable monitoring of unsafe Wi-Fi Networks, turn Monitor Wi-Fi Networks on.
If you have enabled this option and try to connect to the unsecured Wi-Fi connections, an alert will be shown. You can decide whether you want to connect to such unsecured connections.
To configure rules for accessing the Internet and control network traffic, set the following policies:
Program Rules: Create rules for programs accessing the Internet.
Advanced Settings: Create rules for incoming and outgoing network traffic.
With Program Rules, you can allow or block programs from accessing the Internet.
To create rules for programs, follow these steps:
Ø On the Firewall Protection screen, click the Configure button next to Program Rules.
Ø On the Configure Program Rules screen, click the Add button to add a program.
Ø Only an executable program can be added.
The program that you added is enlisted in the program list. Under the Access column, select Allow or Deny for accessing the network as required.
Ø To save your setting, click OK.
Ø Allow only trustworthy programs
Trustworthy programs are those programs that are verified and their identity is known while untrustworthy programs are those ones that are not verified or are suspicious. Malicious programs mask their identity to run a covert operation. Such programs may be harmful to the network and computers.
You can block all untrustworthy programs from accessing the Internet by selecting the Allow only trustworthy programs checkbox.
Firewall security level includes the following:
Low: Allows all incoming and outgoing connections.
Medium: Monitors incoming traffic and displays the message as per suspicious behavior of an application.
High: Monitors both incoming and outgoing traffics and displays the message as per suspicious behavior of an application.
Block all: Blocks all incoming and outgoing connections. If you set this security level, Internet connection for all applications including Quick Heal Total Security will be blocked. For example, Quick Heal update and sending system information among other features may not work.
To create rules for incoming and outgoing network traffics, follow these steps:
Ø On the Firewall Protection screen, click the Configure button next to Advanced Settings.
Ø On the Advanced Settings page, select the following as required:
Display Alert Message: Select this option if you want to get alert messages if connections matching exceptions rule are made for blocked outbound connections. This applies to outbound connections only.
Create Reports: Select this option if you want a report to be created. You may also configure a different path to save the report.
Network Connections: Using this option, set a network profile for network connections.
Traffic Rules: Using this option, set a rule for network traffic.
To save the settings, click OK.
With Network Connections, you can set a Firewall profile for
network connections. Under Network Profile Settings, you can see the following
Home: All incoming and outgoing connections are allowed except exceptions.
Work: All incoming and outgoing connections are allowed except exceptions.
Public: All incoming and outgoing connections are allowed except exceptions.
Restricted: All incoming and outgoing connections are blocked except exceptions.
Note: The logic for network profile may be changed based on your requirement. For example, if a network environment is considered less risky, you may turn stealth mode on or off. Similarly, you may allow or block sharing of file and printer. However, default setting is ideal for required security.
Enabling Stealth Mode hides the system in the network making it invisible to others thus preventing attacks.
File & Printer Sharing:
Allowing this option will enable you to share file & printer between other users and you. However, with sharing of files and printer, the files may be accessed by unauthorized entities.
With Traffic Rule, you can allow or block network traffic. You can add exception to allow incoming and outgoing communications through IP addresses and ports.
To configure a policy, follow these steps:
Ø On the Advanced Settings screen, click the Traffic Rules tab.
Ø Click the Add button.
Ø In the Exception Name text box, write a rule name and then select a protocol. Click Next.
Ø The protocol includes: TCP, UDP, and ICMP.
Ø Under Local IP Address, select either Any IP Address, IP Address, or IP Address Range. Type the IP Address accordingly and then click Next.
Ø Under Local TCP/UDP Ports, select either All Ports, Specific Port(s), or Port Range. Type the Ports accordingly and then click Next.
Ø Under Remote IP Address, select either Any IP Address, IP Address, or IP Address Range. Type the IP Address accordingly and then click Next.
Ø Under Remote TCP/UDP Ports, select either All Ports, Specific Port(s), or Port Range. Type the Ports accordingly and then click Next.
Ø Under Select Action, select either Allow or Deny.
Ø Under Network Profile, select either or a combination of the profile options such as Home, Public, Work, or Restricted.
Ø Click Finish.
The following table describes the buttons and their functions.
Add: Helps you create an exception rule.
Delete: Helps you delete an exception rule from the list. Select the rule and then click Delete.
Up: Helps you move a rule upward to arrange according to your preference.
Down: Helps you move a rule downward to arrange according to your preference.
Default: Helps you set the rules to default settings.
OK: Helps you save your settings.
Cancel: Helps you cancel your settings and close the Advanced Settings dialog.