CFP3/Help Guide/Firewall Task Center/My Blocked Network Zones

From ComodoWiki

Jump to: navigation, search

Firewall Tasks > Common Tasks - My Blocked Network Zones

A computer network enables users to share information and devices between computers and other users within the network.  Obviously, there are certain computer networks that you will need 'trust' and grant access to - for example your home or work network. Unfortunately, there may be other, untrustworthy networks that you will want to restrict communication with - or even block entirely. (note - we advise new or inexperienced users to first read ' My Network Zones', 'Stealth Ports Wizard' and 'Network Security Policy' before blocking zones using this interface.)

The 'My Blocked Network Zones' area allows you to:

Image:blocked_network_zones.gif

'My Blocked Network Zones' can be accessed by navigation to 'Firewall Tasks > Common Tasks > My Blocked Network Zones.

Note 1 - You must create a zone before you can block it. There are two ways to do this (i) Using 'My Network Zones' to name and specify the network you want to block (ii) Directly from this interface using 'New blocked address...'

Note 2 - You cannot reconfigure pre-existing network zones from this interface. (e.g., to add or modify IP addresses). You need to use 'My Network Zones' if you want to change the settings of existing zones.

Deny access to a specific network

by selecting a pre-existing network zone and designating it as blocked

  • Click the 'Add..' button at the top right and select 'Network Zones' then the particular zone you wish to block. 

Image:add_blocked_zone.gif

  • The selected zone will appear in the main interface.
    Image:blocked_network_config.gif

Click 'Apply' to confirm your choice. All traffic intended for and originating from computer or devices in this zone will now be blocked. 

Deny access to a specific network by manually defining a new blocked zone
  • Click the 'Add..' button at the top right and select 'A New Blocked Address' . This will launch the following dialog where you can specify the IP address(es), IP Mask, Host Name or MAC address that you wish to block.

    Image:edit_blocked.gif

    After clicking 'Apply' to confirm your choice, the address(es) you blocked will appear in the main interface. You can modify these addresses at any time by selecting the entry and clicking 'Edit'

Image:blocked_zone_add_address.gif

Click 'Apply' to confirm your choice.  All traffic intended for and originating from computer or devices in this zone will now be blocked. 

Special Note: Creating a blocked network zone implements a 'block all' global rule for the zone in question. However, unlike when you create a 'Trusted Zone', this rule is not displayed or editable from the global rules tab of the Network Security Policy interface. This is because whereas you are likely to be trusting only a few zones, there is the potential that you will have to block many. The constant addition of such block rules would make the interface unmanageble for most users.

Retrieved from "http://wiki.comodo.com/CFP3/Help_Guide/Firewall_Task_Center/My_Blocked_Network_Zones"
Personal tools