You can manage the access granted to applications on your computer. Using application control, you can assign specific access rights to applications, and control their access to the local network and Internet.
• Define Zones: You can set protection levels for the Safe Zone and Restricted Zone. Setting protection levels lets you restrict your computer and applications to a level of access and visibility of your choice. These protection levels are explained in detail in the topics mentioned below.
• Customize Rules: Adding expert firewall rules allows you to control access to many types of protocols and specified IP addresses.
Application Control Tab
By default, CA Personal Firewall alerts you to all launched programs that attempt to use the local network or Internet — for example, browsers, download managers, or anti-virus software. When an alert is displayed, you can either allow the connection or refuse it. After making your selection in the alert pop-up window, the program that attempted to access the Internet is added to the list of applications in the Application Control window.
Note
You can also use the Application Control window to manually add applications for which you want to configure access to the local network or Internet.
The Application Control tab, as shown in Figure 7-13, contains the following items:
Figure 7-13: Application Control tab
• Advanced Application Control: Provides a list of applications and the access that they have been granted. Using the following buttons and fields, you can add or delete programs from the list, and access rules settings for listed applications.
  • Add: Lets you add applications to the Application Control window.
  • Edit: Lets you edit the access for selected applications.
  • Delete: Lets you delete selected applications from the Application Control list.
• Active: Indicates that the program is currently running.
• Program Application
• Access: Shows the level of access the application has in the Safe Zone and Restricted Zone. Access refers to the application in question being permitted to use the local network, or Internet.
  Here are all the possible status conditions:
  • Checkmark: Indicates that access is granted.
  • Stop Sign: Indicates that access is denied.
  • Question Mark: Indicates that you will be asked whether you want to grant access when an application attempts to gain access.
• Server: Shows the level of access for applications that are acting as servers in the Safe Zone and Restricted Zone. The Server setting refers to applications that require incoming connections. For example, if you wish to use a file sharing application that allows incoming connections, you will need to grant that application Server access.
  Here are all the possible status conditions:
  • Checkmark: Indicates that access is granted.
  • Stop Sign: Indicates that access is denied.
  • Question Mark: Indicates that you will be asked whether you want to grant access when an application attempts to gain access.
• Send Mail: Shows the level of access for applications attempting to send email. A checkmark indicates that access is granted. A stop sign indicates that access is denied. A question mark indicates that you will be asked whether you want to grant access when an application attempts to gain access.
Zones Tab
The Zones Tab, as shown in Figure 7-14, contains the following items:
Figure 7-14: The Zones tab
• Safe Zone Protection Level: The Safe Zone is a part of the network that you trust. The following Safe Zone protection levels are available:
  • High: All traffic is blocked unless you explicitly add rules to allow traffic. Your computer cannot be seen by hackers. Access to Windows NetBIOS services, and network file and printer sharing is blocked. Ports are blocked unless you have provided permission for a program to use them.
  • Medium: All traffic is allowed unless you explicitly add rules to block traffic. You are protected, but your computer is visible to others so that you can use network sharing. Access to Windows NetBIOS services and network file and printer sharing is enabled. Program access permissions are still enforced.
  • Off: You are not protected from hackers and other threats. Access to Windows NetBIOS services, and network file and printer sharing is allowed.
• Restricted Zone Protection Level: The Restricted Zone is a part of a network that is not trusted, and is considered vulnerable to security threats from unknown entities. The following Restricted Zone protection levels are available:
  • High: All traffic is blocked unless you explicitly add rules to allow traffic. Your computer cannot be seen by hackers. Access to Windows NetBIOS services, and network file and printer sharing is blocked. Ports are blocked unless you have provided permission for a program to use them.
  • Medium: All traffic is allowed unless you explicitly add rules to block traffic. You are protected, but your computer is visible to others so that you can use network sharing. Access to Windows NetBIOS services, and network file and printer sharing is enabled. Program permissions are still enforced.
  • Off: You are not protected from hackers and other threats. Access to Windows NetBIOS services, and network file and printer sharing is allowed.
• Zones Assignments: The Zones Assignments shows all the network adapters and other ports that are attached to your computer, and the current zone that they are assigned to. Zones Assignments contains the following fields:
  • Name: Provides a numbered list of each network adapter or port (for example, LPT, or serial port). Connected network adapters display the IP address in use.
  • Assigned To: Displays the zone that the adapter or port is assigned to. If the adapter or port has not been assigned to a zone, the status Unassigned appears.