Suggestion : Firewall Learning Modes

np1
np1 Posts: 9 Observer
edited January 2022 in Feature Requests

Provided F-secure has checked and found no malware on the host pc, is it possible adding a Firewall Learning mode where the firewall allows all connections and applications while it's on Learning Mode and makes rules for them, you know, something like calibrating the network without having to troubleshoot what's wrong with a certain safe app not connecting or something else network related not working.  ESET Smart Security has a feature like that, saves me the fuss of troubleshooting the network.

 

Since I mention ESET, they also have an interactive mode where every communication pops up an alert and you can create rules to allow or deny that communication.  It's not automatic as Learning Mode but it still saves me time from going around blind and it still gives more than enough control over the network.

0
0 votes

Declined · Last Updated

Comments

  • Sami_Visti
    Sami_Visti Posts: 56 Former F-Secure Employee

    Hi np1,

     

    Thanks for your idea. We have investigated this in the past and based on our research implementing this in a reliable and easy to understand way is not viable approach. The applications can change the way they communicated over the internet and a firewall with learning mode would block those newly created network communications. Our approach has been to classify applications based on their reputation and behavior and not trying to restrict their network access to the minimum.

     

    Regards,

    Sami

  • Sami_Visti
    Sami_Visti Posts: 56 Former F-Secure Employee
  • jaffa
    jaffa Posts: 1

    TCP and UDP protocols constitute most communication over the Internet, and because TCP and UDP traffic by convention uses well known ports for particular types of traffic, a stateless packet filter can distinguish between, and thus control, those types of traffic, unless the machines on each side of the packet filter are both using the same non standard ports. Thanks.
    Regards,

    website recovery
  • wiki56
    wiki56 Posts: 1

    Many systems have unintentionally resulted in the first possibility. Since approach two is expensive and non-deterministic, its use is very limited. Approaches one and three lead to failure. Because approach number four is often based on hardware mechanisms and avoids abstractions and a multiplicity of degrees of freedom, it is more practical. Thanks.

    Regards,

    Paper Shredding NYC

     
  • You may want or need to disable the avast firewall that comes bundled with avast internet security if the software is blocking applications or certain ports. The avast firewall may also be interfering with other software programs,  the administration of the avast firewall may prove annoying. Disabling the avast firewall is a simple process.

    Regards,

    reputation management

  • Cale
    Cale Posts: 288 F-Secure Product Manager


    Closing as obsolete.

    -Cale

This discussion has been closed.