The main purpose of GeSWall access control policy is isolation of most vulnerable applications, those that connected to the internet. Blocking network would render them unusable. Instead, GeSWall uses different approach - it isolates the applications. An isolated application cannot cause damage even if it communicates over the network. It cannot steal confidential information, cannot infect the system, install a backdoor, keylogger or rootkit.
However, blocking of network access is useful for certain applications and advanced configuration. GeSWall is capable to block networking for all and individual isolated applications.
To block network access for all isolated applications open a GeSWall Console instance, select Resources folder and change "Security Class" for resource definition with Network type.
Set Security Class to Confidential.
Then you could grant network access to individual applications by application specific rule.
Additionally, you could deny network access for individual applications. For that resource definition for Network must remain untouched and you just need create an application rule
.
In the next version of GeSWall network blocking rules would be extended by supporting specification of host’s DNS names, ip-addresses and ranges.
XML Feeds