Home article search

Firewall filtering modes in ESET Windows home products

Details

The ESET Firewall monitors and controls communication within the local network or internet. The firewall analyzes communication activities using predefined rules and uses the rules to decide which traffic to allow or block. There are four firewall filtering modes to choose from; each one is designed for a specific type of application or level of security. To change the behavior of your firewall, select your desired filtering mode.

Solution

Firewall troubleshooting?

This article is part of a series of recommended steps to troubleshoot firewall issues. Click here to start with step 1.

Change the ESET Firewall filtering mode

  1. Open the main program window of your ESET Windows product.

  2. Press the F5 key to access Advanced setup.
     
  3. Click Firewall and expand Advanced. Select your desired filtering mode from the Filtering mode drop-down menu and click OK to save your changes. Continue to the next section for a summary of each filtering mode.
    ​Version 9.x: Click Personal Firewall and expand Basic.

Figure 1-1


 

Explanation of filtering modes

The filtering mode influences the behavior of the firewall and the level of user interaction required. The filtering modes for the ESET firewall are listed below:

Automatic mode — The default mode for easy and convenient use. Custom, user-defined rules can be created but are not required. Automatic mode allows all outbound traffic for a given system and blocks most inbound traffic. Allowed inbound traffic includes traffic from the Trusted Zone, as specified in IDS and advanced options, and inbound traffic responding to recent outbound communications.
 

Interactive mode — Custom configuration mode. Network communication is handled according to predefined rules. If there are no pre-existing rules that apply to a detected communication, the user will be prompted to allow or deny the connection. The decision to allow or deny can be saved as a new rule for the firewall. When a new rule is created, all future connections of this type will be allowed or blocked according to that rule. Using interactive mode, the user will be able to create a customized group of rules.

This mode is not intended for prolonged use. We recommend that you disable Interactive mode once you have established a set of rules for use in your environment. Use caution when choosing Interactive mode in a corporate environment because inattentive users can accidentally create rules that might expose them to risk or hinder their ability to communicate over the network.
 

Policy-based mode — Policy-based mode for advanced users. Network communication is handled according to user-defined rules that permit only desired and secure connections. All other unspecified connections will be blocked by the firewall. We recommend that you only select Policy-based mode if you are an administrator who intends to control network communication and you know which applications should be allowed or denied.
 

Learning mode — Automatically creates and saves rules; this mode is suitable for the initial configuration of the firewall. No user interaction is required since the ESET firewall saves rules according to predefined parameters. Learning mode should only be used until all rules for required communications have been created to avoid security risks. The firewall should then be set to Automatic mode or Policy-based mode. 


Was this information helpful?