3 Replies Latest reply on Jul 22, 2010 4:03 AM by Attila Polinger

    To configure allow ports

      Hi All,


      I am using version 8.7.


      Under Access Protection properties, I wanted to add a new rule to "Allow" the port. But I do not see such options available. It is only showing "Port Blocking Rule". I remember having configure such rules (allowing port) in previous version. Is this feature not available in version 8.7?


      And even under the existing rules, I cannot view the list of the configured port that is blocked.



        • 1. Re: To configure allow ports
          Attila Polinger

          Hi unknown,


          there is not a port allowing user rule in VSE 8.5 (just checked to be sure), and hence there is not one, too in VSE 8.7.

          As for port blocking user rules you should be able to Edit the rule and see the ports it applies to. For system rules that happen to be port blocking you cannot view and edit anything other than process names that the rule applies to or excludes.



          • 2. Re: To configure allow ports

            Hi Attila,


            Previously I used a version 7 if i not mistaken. I am able to configure port to be allow.


            Anyhow, in the case of version 8.7. Let say I want to allow port 6666 which is currently blocked under the existing rules. How should I configure it?


            I can't edit "Prevent IRC Communication" rules. I can only either block or unblock. There is no option to see what are the ports that is blocked under "Prevent IRC Communication". Any advice?



            • 3. Re: To configure allow ports
              Attila Polinger



              You did not write that you are using a managed VirusScan installation (via ePO) or even, if you are an ePO administrator or not. Assuming both are yes.


              No, you can't edit the Prevent IRC communications rule in detail, but you can add processes as exclusions to this rule.

              In addition you can create a subpolicy group where this rule is not checked/enforced and assign to certain hosts that need it.


              When you check the Notify checkbox for this rule, you can see what ports this blocks (this takes time until occurs) either locally from AccessProtectionLog.txt or from the ePO events query.


              I think you can't directly allow any port once a rule that blocks it is active, you should inactivate blocking for that rule to allow the port usage.