| - Settings (Plus/Network version only)
 The Settings tab allows to - Adjust multiple security rules at once
- Reflect network parameter changes and adjust accordingly
- Configure the Default zone for unlisted applications
- Configure the AllApplications zone
- Enable/Disable unlisted applications detection prompt
- Enable/Disable blocked notifications balloon
- Protect opening the panel with password
- Configure Log File (Plus version)
- Configure Application detection sound notification
- Enable/Disable opening the panel for Administrators only (Plus version only)
- Default Zone for unlisted applications detection
- Any initial access attempt of unlisted applications is blocked. The blocking is vital for initial application detection. When an application is detected the application is set with Default Zone immediately. The user is prompted to choose/set a proper security zone to the application then. Windows 7 Firewall Control does not suspend the application network access till user sets network permissions to the detected application. The Edit button allows to adjust the zone (change the security rules) in-place and save the results to Default Zone only or to the Zones repository as well.
- Zone for All Applications.
- The zone is a set of rules applied to all the applications at once, not to a particular application. The applicationless rules allow enabling/disabling VPN access for all applications at once for instance.
- The zone allows solving problem of specific installers and update checkers. The applications generate randomly/unpredictably named helpers (executables) for every single connection attempt. Initial access attempt of non-listed applications is blocked by the firewall; the applications generate new helper for the next attempt. The helper is blocked again as unlisted and the process loops producing multiple app(1), app(2) entries in the application list. Enabling the destination address for all the applications solves the problem. (Please check the Blocked Events pane for the details)
- The rules act at a low priority; so any rules set to application directly/explicitly (either enabling or disabling) take precedence. In other words, the rules (in the context of an applications) trigger only if the application has no its own rules to enable or disable the same IP/protocol/port. If the application is set with such rules, the application's rules are used only.
- The Edit button allows to adjust the zone (change the security rules) in-place and save the results to All Applications Zone only or to the repository as well.
- LANs
- Computer network connection may be altered; Internet provider can be changed or a network adapter can be installed, removed, switched on or off, the network connection parameters are changed as the result. The LANs button allows reflecting new network environment to all the zones of the applications and the zone repository at once.
- Pressing the button Windows7FirewallControl collects all active network interfaces parameters into single list and allows editing the parameters. Each network interface found is appended with the LAN prefix. All the network interfaces are represented as a list of separate access rules as the result. After the list editing is finished all existing rules with the same prefix can be replaced with the new rules set. The options allows you keeping the same security settings for the applications in new connection environment
- Rules
- The button allows collecting of all the rules from all the zones (and the applications) and editing the rules in the single list. The option allows updating 1+ rules with corresponding names in all the zones and all the applications at once. For example, you set a special rule for disk sharing access control. The rule is used in multiple zones enabling/disabling specific details of the shared media access for various applications individually. If the environment is changed, there is a need to reflect the changes in all the zones at once. Using the option corresponding rules can be found, edited and the changes can be distributed to all the repository zones and applications the rule is used in.
- Log File
- The Log File option allows saving the blocking notifications into a chosen text file. The LogSize option limits the log file length by keeping the latest log entries only. The log file name has to be re-assigned (even with the same name) in order to alter the log size. The file will be re-opened and set with the new size limit. "LogReset" truncates the log file to zero size.
|
