Wilders Security Forums  

#1
November 12th, 2011, 07:52 AM
Tintinabule
Infrequent Poster
Join Date: Nov 2011
Location: France
Posts: 3
ESS Firewall - service/domain name rules (ex: Windows Update)

Hello all,
I plan to switch from EAV to ESS on a Windows 7 (64-bit) home local network, but one thing bothers me:

I know that the Windows Firewall service rules are not truly linked to services (set of rules, from what I read on the web ... beyond my knowledge), but as an example, my Windows Update rule with the Windows Firewall is:
  • Outbound TCP:80, 443 for svchost.exe bound with Windows Update service, allowed.

It works fine, and other services that use svchost (netsvcs) like BITS are blocked (WAN).

Ultimately, is there a way to do the same thing with ESS (or another firewall)?

Note: As an alternative, I tried to add specific domain names like *windowsupdate.microsoft.com, *.update.microsoft.com ... in an ESS firewall rule, but only IP seems to be permitted (as I understand).

Perhaps I'm on the wrong track; could you light my way?

Sorry for my poor English, it is not my native language!
Have a nice day.
#2
November 14th, 2011, 02:03 PM
dwomack
Eset Moderator
Join Date: Mar 2011
Posts: 585
Re: ESS Firewall - service/domain name rules (ex: Windows Update)

The following KB Article might help:

kb.eset.com/esetkb/index?page=content&id=SOLN2149&ref=wsf

The only difference for version 5 is for step 3, you would click 'Setup' then click 'Network' and switch to interactive filtering mode.
#3
November 14th, 2011, 05:17 PM
Tintinabule
Infrequent Poster
Join Date: Nov 2011
Location: France
Posts: 3
Re: ESS Firewall - service/domain name rules (ex: Windows Update)

Thank you for the reply,

I probably have not been explicit enough.

Allowing svchost.exe access to all remote servers means that all the services running from it will be able to connect to any server, but I want only the Windows Update service to connect to dedicated servers.

At worst, a rule like: Allow svchost.exe outbound TCP to *.update.microsoft.com:80,443 (an IP rule isn't possible due to the turnover, only a domain name ... as far as I know). But there may be a better solution.

Good day to you!
#4
November 14th, 2011, 07:45 PM
stackz
Frequent Poster
Join Date: Dec 2007
Posts: 537
Re: ESS Firewall - service/domain name rules (ex: Windows Update)

For Microsoft, I just created a Zone named Microsoft Corp, with Address range: 207.46.0.0 - 207.46.255.255 and use that Zone for any firewall application rules I create that need to connect to Microsoft.
#5
November 15th, 2011, 10:32 AM
Tintinabule
Infrequent Poster
Join Date: Nov 2011
Location: France
Posts: 3
Re: ESS Firewall - service/domain name rules (ex: Windows Update)

Hello,

I missed this functionality!
That will solve a part of the planned rules.

For the example of Windows Update, I don't like this solution a lot because the IP can change from one day to the next, but it seems to be the better compromise.

Thanks to you for the replies. If no other ideas are posted in one or two days, I will add a [Solved] tag to the title of the thread.

Bye
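
The trade-off raised in this thread (a fixed address-range zone versus update hostnames whose addresses change) can be checked against your own DNS or connection logs. The script below is an added example, not part of any post and not ESET code; it uses the range from post #4, and the hostnames and addresses in OBSERVED are constructed samples.

```python
import ipaddress

ZONE_RANGE = "207.46.0.0 - 207.46.255.255"  # the zone given in post #4

# Constructed sample: (hostname, resolved address) pairs such as a DNS log
# might hold. Hostnames and addresses are illustrative, not real records.
OBSERVED = [
    ("host1.update.microsoft.com", "207.46.18.94"),
    ("host2.update.microsoft.com", "207.46.255.255"),
    ("host3.update.microsoft.com", "198.51.100.23"),
    ("host4.update.microsoft.com", "2001:db8::10"),
    ("host5.update.microsoft.com", "not-an-ip"),
]


def parse_zone(text):
    """Turn 'first - last' into the list of CIDR networks covering it."""
    first, last = (ipaddress.ip_address(p.strip()) for p in text.split("-"))
    if first.version != last.version or first > last:
        raise ValueError(f"bad range: {text!r}")
    return list(ipaddress.summarize_address_range(first, last))


def audit(zone_text, observed):
    """Sort observations into covered, outside the zone, and unparsable."""
    nets = parse_zone(zone_text)
    report = {"covered": [], "outside": [], "invalid": []}
    for host, addr in observed:
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            report["invalid"].append((host, addr))
            continue
        # An IPv6 answer can never match an IPv4-only zone.
        hit = any(ip.version == n.version and ip in n for n in nets)
        report["covered" if hit else "outside"].append((host, addr))
    # Every address in the zone is allowed, update server or not.
    report["zone_size"] = sum(n.num_addresses for n in nets)
    return report


if __name__ == "__main__":
    result = audit(ZONE_RANGE, OBSERVED)
    for key in ("covered", "outside", "invalid"):
        print(key, result[key])
    print("addresses allowed by zone:", result["zone_size"])
```

Entries under "outside" are connections the zone-based rule would not match, and "zone_size" shows how many addresses the rule allows regardless of which host answers there.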
 

All times are GMT -4.