# Firewall

View **Firewall** enables management of firewall rules, allowing administration of network connections, control of applications communicating with the network, and monitoring of IT infrastructure security. In the main panel the user can view active rules, add new ones, edit existing ones, and delete rules.

***

## **Overview**

Main tab view **Firewall** enables management of network rules for each computer in the infrastructure. The user can create new rules for both incoming and outgoing traffic.

<img src="/files/9e3e09902ed60c152ab82c2dde5dbd2af9af332c" alt="" width="375">

### **View elements**

#### **Rules table**

List of currently defined rules with the following columns:

* **Rule**: Name of the rule, e.g., the application or service to which it applies.
* **Description:** A brief description of the purpose of the rule or the scope of its operation.
* **Computer**: The computer on which the given rule applies.
* **Deployment status**: Deployment status of the rule.
* **Action**: Specifies whether network traffic is allowed or blocked.
* **Profile**: Network type, e.g., Public, Private, Domain.
* **Group**: Group of computers to which the rule applies.
* **Local IP:** IP address of the device on whose side the rule is applied.
* **Remote IP:** IP address of the device with which communication is being controlled.
* **Protocol**: Network protocol, e.g., TCP/UDP.
* **Local/Remote port**: Port numbers.
* **Active**: Rule activity (Active/Inactive).
* **Program:** Path to the executable file to which the rule applies.

Each rule can be enabled or disabled using the column **Active**

<figure><img src="/files/2d83c3313db6020502b4daca9760558e943ebd11" alt="" width="375"><figcaption></figcaption></figure>

***

## **Rule actions**

Under each rule you will find a set of actions:

* **Replicate** – duplicating the rule to other devices.
* **Edit** – allows modification of the rule parameters.
* **Delete** – allows removal of the rule.

<img src="/files/35f4a8f7a9db108622480fa3c23c61cf2f682803" alt="" width="375">

### **Creating a new rule**

To add a new rule, click the **Add rule**.\
A new rule configuration window will appear where you can choose whether the rule applies to incoming or outgoing traffic.

#### **Rule configuration**

* **Add devices**: Specification of the device or group of devices to which the rule will be deployed.

<img src="/files/67486c2c4df0f5c7639fabd2a8a0de2d4811c2c0" alt="" width="375">

* **Rule name**: Name of the new rule.
* **Description (optional)**
* **Rule type**: Specification of the rule type, e.g., for an application (Program) or for ports (TCP/UDP).
* **Action**: Action to perform – **Allow** or **Block**.
* **Profile**: Specification of which networks (Public, Private, Domain) the rule will be active on.

If you choose the rule type **Program**, the configuration window will expand to allow specifying the path to the program to which the rule applies (e.g., C:\Program Files\browser\browser.exe). You can also select the option **All programs** or define a specific application.

<img src="/files/da283cfc3f3ec54423218b6aebacf3366a096ca9" alt="" width="236">

For a rule concerning ports, select the rule type **Port TCP/UDP**. This will allow specifying the ports to which the rule will apply:

* **All ports**: The rule applies to all ports.
* **Selected ports**: The rule applies to selected ports (e.g., 80, 443).

Then select the action (**Allow** or **Deny**) and the network type in which the rule will be active (**Public**, **Private**, **Domain**).

### **Replicating rules**

The **Replicate rule** allows duplicating an existing rule and deploying it to other devices. By clicking the edit icon, you can select new devices to which the rule will be moved.

After configuring all options, click the **Create rule** (or **Save changes** for edited rules), to save the configuration.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://eaclouddoc.eauditor.eu/eacloud-docs-en/features/it-management/firewall.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.