• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Why does NIS-2009 create two Protocol Rules for the same program?

The process of NIS-2009  auto creating Program Rules seems to be working fine. However, I have a specific question about the creation of two Protocol rules for the same program.  Many auto created rules are like this:

The top rule:  "Allow, Direction: Outbound,  Computer: Any, Communications: Specific, Protocol: TCP and UDP"

The 2nd rule: "Allow, Direction: Outbound,  Computer: Any, Communications: Specific, Protocol: TCP"

The "rule of rules" states:  "A rule that appears above other rules in the list overrides those rules".

 Both TCP and UDP are allowed in the top rule, so why is the second rule created? 

On an importance scale of 1 to 10, I realize that this question is about a -3

EDIT:  Never mind!  I checked more details about the rules and see that the Specific Communications are allowing different ports in the different rules. So, two rules are indeed needed. 

Message Edited by Marty on 10-30-2008 11:36 AM
NS - Vista 32bit - Win8 64bit - IE9 - Safari5