ESET Smart Security Personal firewall behavior and user interaction (5.x)

KB Solution ID: SOLN2868|Last Revised: August 20, 2014


  • Change the filtering mode of the ESET Personal firewall


The Personal firewall is a device that acts as a network traffic driver, controlling communication within the local network or Internet. Using predefined rules, the firewall analyzes this communication and decides whether or not to allow it.


There are five separate firewall modes to choose from, according to the desired level of restriction. To change the behavior of your firewall, choose the desired filtering mode. To change the filtering mode, follow the steps below:

  1. Open ESET Smart Security. How do I open my ESET product?
  2. Click Setup Network.
  3. Figure 1-1
    click the image to view larger in a new window

  4. Click Advanced Personal firewall setup at the bottom of the Network module.
  5. Figure 1-2
    Click the image to view larger in a new window

  6. The Advanced Setup window will appear. Select your desired filtering mode from the Filtering Mode drop-down menu and click OK to save your changes. Continue to the next section for a summary of each filtering mode.
  7. Figure 1-3
    Click the image to view larger in a new window

Automatic mode

In Automatic mode, network communication is automatically controlled by settings defined by the user. After connecting to a network, the user decides whether it is a trusted zone. Communication in a trusted zone is not limited in both directions. Communication within a restricted zone – the Internet communication - is allowed only for applications establishing outgoing connections. Such applications are trusted also for incoming connections. This mode requires no user interaction (except when connecting to a new network).

In short, Automatic mode uses no predefined rules, but automatically analyzes communication. Applications are allowed to establish outgoing connections. Applications that already established outgoing connections are also trusted for incoming connections.

Automatic mode with exceptions (user-defined rules)

In addition to Automatic mode, it enables you to add custom rules.

Interactive mode

In Interactive mode, network communication is handled according to predefined rules. If there is no rule available for a connection, the user is prompted in a dialog window to allow or deny the connection. After some time, the user will have created a group of rules fitting his or her needs. Use caution when choosing this mode for a corporate environment, as after time, some users may ignore the regularly appearing dialog windows and just allow everything they are prompted for by the program.

Policy-based mode

In Policy-based mode, network communication is handled according to rules given by the administrator. If there is no rule available, the connection is automatically blocked and the user sees no warning message. We recommend that you select the Policy-based mode only if you are an administrator who intends to control the network communication, and you are sure you know which applications should be allowed or denied.

Learning  mode

Allows all activity and automatically creates and saves rules based on user behavior; this mode is suitable for initial configuration of the Personal firewall. No user interaction is required. Learning mode is not secure, and should only be used until all rules for required communications have been created. The Personal firewall should then be set to Automatic mode with exceptions or Policy mode.

Experienced users only

Learning mode should only be used if you are an experienced user in a controlled environment, as it does not require user approval to create permanent rules and can expose your computer to increased risk.

Rate this article:
1 2 3 4 5
Please comment on your rating...
We cannot respond to feedback from this form. Requests for assistance should be submitted through your normal support channel.
5 - Definitely
4 - Mostly
3 - Somewhat
2 - Not Really
1 - Not At All