F-SECURE CLIENT SECURITY 9.00 Administrator's Manual page 91

To add a new security level for a certain domain only, you first have to disable that security level on root level,
and then enable it again on the appropriate lower level.
Create the new security level
The first step in adding a new security level is to create the new security level.
This is done as follows:
1. Select Root on the Policy domains
2. Go to the Settings tab and select the
3. Click Add to add a new security level.
This opens the Security level - Description
4. Enter a name for the new security level, for example, BrowserSecurity.
You can also include a description in the
5. Click Finish.
6. Click
to save and distribute the policy.
Create rules for the new security level
The next step is to create rules for the new security level.
The associated rules for the new security level are created as follows:
1. Go to the Firewall rules
2. Select the BrowserSecurity
The Firewall rules table is empty when this security level is selected, because there are no associated
rules yet.
3. Click Add before to add a rule that allows outbound HTTP traffic as the first one on the list.
This opens the Firewall rule
4. Complete the Firewall rule
a) On the Rule type page select
b) On the Remote hosts
c) On the Services page select
d) On the Services page select
only.
e) On the Advanced settings
f) Verify the new rule on the
You can also add a descriptive comment for the rule; for example, Allow outbound HTTP traffic
for browsing..
g) Click Finish.
5. Click Add after to add a rule that denies all other traffic both ways as the last one on the list.
6. Complete the Firewall rule
a) On the Rule type page select
b) On the Remote hosts
c) On the Services page select
d) On the Services page select
connections.
e) On the Advanced settings
f) Verify the new rule on the
You can also add a descriptive comment for the rule. For example, Deny rest.
tab.
Firewall security levels
dialog box.
Description:
page.
Internet Shield security level you just created.
wizard.
wizard:
Allow as the rule type.
page select Any remote host
HTTP in the Service
=> in the Direction
page you can accept the default values.
Summary page.
wizard:
Deny as the rule type.
page select Any remote host
All traffic in the Service
Both in the Direction
page you can accept the default values.
Summary page.
F-Secure Client Security | Configuring Internet Shield | 91
page.
text box.
to apply the rule to all Internet connections.
column to apply the rule to HTTP traffic.
column to apply the rule to outbound connections
to apply the rule to all connections.
column to apply the rule to all traffic.
column to apply the rule to inbound and outbound