Ruleset is a set of network protection Rules bound to one or many Network Adapters. It is defined by a custom Name, a Ruleset Default Action, Active state and a list of Rules. It is part of a Security Project.

Ruleset Name is a custom name. Following a best practice, it should describe more closely what will the Ruleset protect or the nature of the assigned Rules.

Ruleset Active state is a quick way to enable or disable a single Ruleset without actually removing it from the parent Project. In order to optimize the Server processor usage, only Network Adapters associated with the enabled (active) Rulesets in the Project are opened for listening to the network traffic upon LANProtector Server activation. Another optimization is that only the ARP (Address Resolution Protocol) packets are filtered for further analysis so the Server will have almost unnoticeable impact on the CPU even in Gigabit or faster network environments.

Ruleset Default Action or a Base Ruleset Rule is a unique Rule which exists for each Ruleset and isn’t displayed in the list of custom defined Rules. It is always the last Rule to be processed and can only have two values: Allow All or Deny All. It defines how a Ruleset will handle network peers which aren’t matched by any of the other defined Rules in the Ruleset.

Purpose of multiple Rulesets on a LANProtector Server is to allow the Server to protect multiple networks, each with a different set of protection rules. For example, if a LANProtector Server is connected to two different networks, two Rulesets would be defined, each with its own set of rules and each bound to one of the two server-side network adapters.

Due to the flexibility of the design, multiple Rulesets can be used in other scenarios as well. For example a mobile protection platform which is moved between two or more networks can have multiple Rulesets defined for each of the networks which are then just activated manually as the connection is changed.

As multiple network adapters can be bound to a single Ruleset, it is also possible to protect several networks with the same set of rules for easier configuration or if there is a need to do so.