Configuring Firewall Expert Rules

To add custom firewall protection to your PC, you can configure Firewall Expert Rules. Each rule defines:

  • Source - traffic source
  • Destination - traffic destination
  • Protocol - transport layer protocol
  • Time - days and times
  • Action - allow or block
  • Rank - the priority order in the list of all expert rules

Expert Rules can be configured for specific groups based on:

  • Host names and IP addresses
  • Protocols and port numbers
  • Days and times of access

If a group changes, all the expert rules that use it are automatically updated.
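
A small Python model of the rule structure described above, added here as an illustration (it is not ZoneAlarm code or its configuration format). It assumes rules are checked in rank order and the first match decides, which this page does not state; the class names, addresses and sample rules are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed model, not ZoneAlarm's engine. Groups are shared objects referenced by rules.
@dataclass
class LocationGroup:
    name: str
    networks: list            # CIDR strings, e.g. "192.0.2.0/24"
    def contains(self, ip):
        return any(ip_address(ip) in ip_network(n) for n in self.networks)

@dataclass
class TimeGroup:
    name: str
    days: set                 # 0 = Monday ... 6 = Sunday
    hours: range              # e.g. range(9, 18) for 09:00-17:59
    def contains(self, when):
        return when.weekday() in self.days and when.hour in self.hours

@dataclass
class ExpertRule:
    rank: int
    name: str
    action: str                        # "allow" or "block"
    source: LocationGroup = None       # None stands for "Any"
    destination: LocationGroup = None
    protocol: str = None               # "tcp", "udp", ...
    dest_port: int = None
    time: TimeGroup = None
    enabled: bool = True               # the rule's State
    def matches(self, src, dst, proto, port, when):
        return (self.enabled
                and (self.source is None or self.source.contains(src))
                and (self.destination is None or self.destination.contains(dst))
                and self.protocol in (None, proto) and self.dest_port in (None, port)
                and (self.time is None or self.time.contains(when)))

def evaluate(rules, src, dst, proto, port, when):
    """Assumed semantics: lowest rank is checked first and the first match decides."""
    for rule in sorted(rules, key=lambda r: r.rank):
        if rule.matches(src, dst, proto, port, when):
            return rule.action, rule.name
    return None, None                  # no expert rule matched

def build_sample():
    admins = LocationGroup("Admin hosts", ["192.0.2.10/32"])
    office = TimeGroup("Office hours", {0, 1, 2, 3, 4}, range(9, 18))
    return admins, [ExpertRule(1, "Admin RDP", "allow", source=admins, protocol="tcp", dest_port=3389, time=office),
                    ExpertRule(2, "Block RDP", "block", protocol="tcp", dest_port=3389)]
```

Appending an address to `admins.networks` changes the result for every rule that references the group, without touching the rules themselves.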

To get to Expert Rules and Expert Group configuration:

  1. Click in the ANTIVIRUS & FIREWALL panel of the ZoneAlarm software client.
  2. Click Settings in the Advanced Firewall section.
  3. Click Advanced Settings.
    The Firewall Settings window opens and shows the Advanced settings.
  4. From the navigation tree, select Expert Rules.
  5. After you configure Expert Rules and Expert Groups as necessary, click OK.


Adding Expert Rules

To add an Expert Rule:

  1. In the Expert Rules configuration screen, click Add.
    The Add Expert Rule window opens.
  2. Select the Rank.
  3. Enter a Name and Comments (optional).
  4. Make sure the State is Enabled.
    Note: you can change the State to Disabled at any time for testing or troubleshooting purposes.
  5. Select an Action:
    • Allow - to allow the traffic that matches the rule criteria.
    • Block - to block the traffic that matches the rule criteria.
  6. Add criteria to the rule:
    • Source, Destination - click Modify > Add Location > [location option]:
      • My Computer - this PC.
      • Trusted Zone - computers and networks in the Trusted Zone (see "Managing Basic Firewall Security Zone Settings")
      • Public Zone - computers and networks in the Public Zone (see "Managing Basic Firewall Security Zone Settings")
      • Any - any source/destination location, without restrictions (default)
      • Host/Site - add a Description and a Host name, then click Lookup, and OK
      • IP Address - add a Description and an IP Address, then click OK
      • IP Range - add a Description, the first IP Address of a range and the last one, then click OK
      • Subnet - add a Description, an IP Address and a Subnet Mask, then click OK
      • Gateway - add a Description, an IP Address and a MAC Address, then click OK
      • New Group - see how to add Location Expert Groups
      • Existing Group - select groups from the list, then click OK.
    • Protocol - click Modify > Add Protocol > [option]:
      • Add Protocol - add a Description, select a Protocol, a Destination Port and a Source Port, then click OK
      • New Group - see how to add Protocol Expert Groups
      • Existing Group - select groups from the list, then click OK
    • Time - click Modify > Add Time > [option]:
      • Day/Time Range - add a Description, select From and To values for the Time frame, Days of the week, then click OK
      • New Group - see how to add Time Expert Groups
      • Existing Group - select groups from the list, then click OK
  7. Click OK.


Editing or Deleting Expert Rules

To edit or to delete an expert rule:

  1. In the Expert Rules configuration screen, select an expert rule.
  2. Do one of these:
    • To delete the rule - click Remove, then Yes to confirm
    • To edit the rule - click Edit
      The Add Expert Rule window opens. Change parameters as described in the Adding Expert Rules procedure.
  3. Click OK.


Managing Expert Groups

To manage Expert Groups:

  1. In the Expert Rules configuration screen, click Groups.
    The Expert Group Manager window opens.
  2. Perform the necessary operations on Expert Groups:
    • Add
    • Remove
    • Edit
  3. Click OK to save and exit.


Adding Expert Groups

You can add Expert Groups based on:

  • Location
  • Protocols
  • Times

To add a Location Expert Group:

  1. Select the Locations tab.
  2. Click Add.
    The Add Location Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add.
  5. Select one of the options from the drop-down menu and enter the required parameters:
    • Host/Site - enter a Description and a Host name, and click Lookup to find the IP address of the host
    • IP Address - enter a Description and an IP Address
    • IP Range - enter a Description, the first IP Address of the range and the last IP Address of the range
    • Subnet - enter a Description, an IP Address and a Subnet Mask
    • Gateway - enter a Description, an IP Address and a MAC Address of a gateway
    Note - The Description field is required.
  6. Click OK.
  7. Click OK.

To add a Protocol Expert Group:

  1. Select the Protocols tab.
  2. Click Add.
    The Add Protocol Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add.
    The Protocol window opens.
  5. Select one of the Protocol options from the drop-down menu and enter the required parameters:
    • TCP - Destination Port and Source Port by service name or port number. For example, HTTP or 80. The default is Any.
    • UDP - Destination Port and Source Port by service name or port number. For example, TFTP or 69. The default is Any.
    • TCP and UDP - Destination Port and Source Port by service name or port number. For example, TACACS or 49. The default is Any.
    • ICMP - ICMP service by Name or Type Number. For example, Echo Request or 8.
    • IGMP - IGMP service by Name or Type Number. For example, Multicast Traceroute or 31.
    • Custom - any protocol by Name or Protocol Number. For example, GRE or 47.
    Note - The Description field is required.
  6. Click OK.
  7. Click OK.

To add a Time Expert Group:

  1. Select the Times tab.
  2. Click Add.
    The Add Time Group window opens.
  3. Enter a Name and a Description (optional).
  4. Click Add.
    The Day/Time Range window opens.
  5. Enter a Description.
  6. Select the From and To values for the Time. The default is Any.
  7. Select Days of the week.
  8. Click OK.
  9. Click OK.


Editing Expert Groups

To edit an Expert Group:

  1. Select the tab for the Expert Group category:
    • Locations
    • Protocols
    • Times
  2. Select an expert group from the list.
  3. Click Edit.
    The corresponding Add Group window opens.
  4. Click OK.
  5. Click OK.