Norton Internet Security logo

Smart Firewall Advanced Settings

May 18, 2010

Smart Firewall Advanced Settings let you activate advanced protection features of Smart Firewall.
Your options are:


General Rules Determines how the Smart Firewall controls incoming network traffic and outgoing network traffic.
Uncommon Protocols Determines how the Smart Firewall handles uncommon protocols such as Internet Group Management Protocol (IGMP) and IPv6 Hop-by-Hop Option (HOPOPT).
Firewall Reset
Returns the Smart Firewall to its default state. You can click Reset to ensure that all recommended firewall rules and settings are configured.

Note:

If you reset the firewall, you remove any custom rules or settings that you have configured. Resetting the firewall also changes the Trust Control settings in the Network Security Map. Therefore, Norton Internet Security prompts you with a confirmation dialog box when you reset firewall.
Stealth Blocked Ports Ensures that blocked and inactive ports do not respond to connection attempts. Prevents the active ports from responding to connection attempts with incorrect source or destination information.
Stateful Protocol Filter Automatically allows the Internet traffic that matches the connections that an application opens.

Check this option to do the following:
  • Analyze the network traffic that enters your computer.
  • Block the suspicious applications that try to connect to your computer.
Automatic File/Printer Sharing Control Allows the computers on the network to share resources such as files, folders, and printers (that are locally attached).

Some of the Windows 7 features such as Home Media Experience work only when the trust level of the network to which your computer is connected is set to SHARED or FULL TRUST. When Automatic File/Printer sharing control is ON, it sets the trust level of the network to SHARED only if certain security criteria match.
Automatic Program Control Automatically configures Internet access settings for the Web-enabled programs that are run for the first time.

The Automatic Learn IPv6 NAT Traversal Traffic option is available only when Automatic Program Control is turned on. Norton Internet Security provides this option to control the network traffic that uses Teredo to communicate with your computer. Some of the Windows 7 features such as Remote Media Experience and Remote Assistance work only when Automatic Learn IPv6 NAT Traversal Traffic is on.

When you turn off Automatic Program control, you can turn on Advanced Events Monitoring. You can use the Advanced Events Monitoring options, to configure the Internet access settings for Internet-enabled programs the first time that they run.

When you turn on Advanced Events Monitoring feature, you are prompted with numerous firewall alerts. If you do not want to receive firewall alerts, you can turn on Silent Mode. When you turn on Silent Mode, Norton Internet Security automatically turns on Automatic Program Control and disables the Advanced Events Monitoring features. You cannot configure Advanced Events Monitoring when you turn on Silent Mode.

The Advanced Events Monitoring settings consists of several leak tests that test the firewall against the following types of attacks:
  • The malicious programs that launch Internet-enabled programs
  • The malicious programs that attach to safe programs without being detected
  • The Trojan horses or malicious programs that launch trusted applications in hidden mode through-command line parameters
  • The Trojan horses or malicious programs that inject code into an application's process without firewall alerts
  • The Trojan horses and other malicious programs that manipulate an application's behavior to connect to the Internet without firewall alerts
  • The Trojan horses and other malicious programs that bypass network traffic

    These programs penetrate the Windows TCP/IP layer to send and receive data without triggering firewall alerts.
  • The malicious programs that use the documented interfaces that the trusted applications provide to transmit data outside the network without triggering firewall alerts
  • The malicious keylogger programs that access personal information of a user on a particular computer by monitoring their keystroke activities
  • The malicious programs that manipulate an application's behavior by instantiating controlled COM objects

0 comments: (+add yours?)

Post a Comment