NOTE: The New network detected window is not displayed if the computer’s IP address belongs to a subnet which doesn’t contain any other IP addresses (mask 255.255.255.255), or is a public IP address. In both cases, the subnet is treated as not trusted.
Zones can be used to create rules on a per network basis. The examples below show two separate networking
scenarios and a solution for each:
Task 1:
FTP communication should be enabled in the local network, and disabled outside the LAN, except for the public IP
addresses 217.67.22.98 and 72.32.7.91.
Solution 1:
Create a new zone, add the IP addresses 217.67.22.98 and 72.32.7.91 and name it “Internet FTP servers”. Create a new rule allowing outgoing FTP communication. On the Remote tab, add the zones “Trusted zone” and “Internet FTP servers”.
Task 2:
Client computers need to use DNS services within the local network. These services mustn’t be accessible from
outside the network (i.e., from the Internet), because the server is also an Internet gateway for the network.
Solution 2:
Create a new rule named “DNS for client computers”, using the following parameters:
General tab - Direction: IN, Action: ALLOW, Protocol: UDP.
Local tab - Local port: 53 (DNS).
Remote tab - Zone: Trusted zone.
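The two solutions and the NOTE above can be checked against sample traffic with a small model of zone-based rule matching. This is an added example, not ESET code or the product's rule engine. It assumes a Trusted zone of 192.168.1.0/24, FTP on TCP port 21, a default of DENY for unmatched traffic, and "public" meaning any address outside the private ranges.

```python
import ipaddress

# Zone names come from the page; the Trusted zone subnet is an assumed LAN range.
ZONES = {
    "Trusted zone": [ipaddress.ip_network("192.168.1.0/24")],  # assumption
    "Internet FTP servers": [ipaddress.ip_network("217.67.22.98/32"),
                             ipaddress.ip_network("72.32.7.91/32")],
}

# Rules from Solution 1 and Solution 2. TCP port 21 for FTP is an assumption;
# the page only says "outgoing FTP communication".
RULES = [
    {"name": "Outgoing FTP", "direction": "OUT", "protocol": "TCP",
     "remote_port": 21, "zones": ["Trusted zone", "Internet FTP servers"]},
    {"name": "DNS for client computers", "direction": "IN", "protocol": "UDP",
     "local_port": 53, "zones": ["Trusted zone"]},
]

def in_zones(remote_ip, zone_names):
    addr = ipaddress.ip_address(remote_ip)
    return any(addr in net for z in zone_names for net in ZONES[z])

def decide(direction, protocol, remote_ip, local_port=None, remote_port=None):
    """Return (action, rule name); unmatched traffic is denied (assumed default)."""
    for r in RULES:
        if r["direction"] != direction or r["protocol"] != protocol:
            continue
        if "local_port" in r and r["local_port"] != local_port:
            continue
        if "remote_port" in r and r["remote_port"] != remote_port:
            continue
        if in_zones(remote_ip, r["zones"]):
            return "ALLOW", r["name"]
    return "DENY", None

def could_be_trusted(ip, mask):
    """NOTE condition: a 255.255.255.255 subnet or a public address is not trusted."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    return iface.network.prefixlen < 32 and iface.ip.is_private

if __name__ == "__main__":
    # Constructed sample traffic: (direction, protocol, remote IP, local port, remote port)
    for pkt in [("OUT", "TCP", "72.32.7.91", None, 21),
                ("OUT", "TCP", "198.51.100.7", None, 21),
                ("IN", "UDP", "203.0.113.5", 53, None)]:
        print(pkt, "->", decide(*pkt))
```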
2..3 Strict rules & security levels
The administrator can select one of the following scenarios for deployment of the ESET Smart Security Personal