12.0
Table Of Contents
- Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
- Technical Support
- Contents
- 1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
- 2. Planning the installation
- 3. Installing Symantec Protection Center
- 4. Preparing for client installation
- 5. Installing the Symantec Endpoint Protection Small Business Edition client
- 6. Migrating to Symantec Endpoint Protection Small Business Edition
- 7. Starting the Symantec Protection Center console
- 8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
- 9. Managing security policies and computer groups
- 10. Managing content updates from LiveUpdate
- 11. Managing notifications
- 12. Managing product licenses
- 13. Managing protection scans
- About managing protection scans
- How protection scans work
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
- 14. Managing firewall protection
- 15. Managing intrusion prevention protection
- 16. Managing administrator accounts
- 17. Managing disaster recovery
- A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
- B. Managing mobile clients and remote clients
- Index
Table 14-2
Firewall rule parameters (continued)
DescriptionParameter
The applications that trigger the rule.
When an application is the only trigger in an allow traffic rule, the
firewall allows the application to perform any network operation. The
application is the significant value, not the network operation that the
application performs.
For example, suppose you allow Internet Explorer, and define no other
triggers. Computer users can access the remote sites that use HTTP,
HTTPS, FTP, Gopher, and any other protocol that the Web browser
supports. You can define additional triggers to describe the network
protocols and hosts with which communication is allowed.
Application
The hosts that trigger the rule.
You can define the host relationship as follows:
■ Local and remote hosts
This relationship is commonly used in host-based firewalls. It is
independent of the traffic direction.
The local host is the local client computer. The remote host is the
computer that communicates with the client computer.
If the client communicates with a Web server, the remote host is the
Web server and the local host is the client. The local host is the same
for inbound traffic and outbound traffic.
■ Source and destination hosts
This relationship is commonly used in network-based firewalls. It is
dependent on the traffic direction.
The source host is the computer that sends the packet. The source
host is the remote computer for inbound traffic. The source host is
the local computer for outbound traffic.
The destination host is the computer that receives the packet. The
destination host is the local computer for inbound traffic. The
destination host is the remote computer for outbound traffic.
If the client communicates with a Web server, and the traffic is
inbound, the source host is the Web server and the destination host
is the client. For outbound traffic, the source host is the client and
the destination host is the Web server.
Host
131Managing firewall protection
How the firewall works