application rules vs network rules

What takes precedence, application or network rules, if I give full access to application, but there is no network control rules to support that in Network monitor, does it mean that application will have full access even though I may have network control rule that blocks that kind of traffic. I want to understand how, what the mechanism of matching rules, what comes first.

Welcome to the forum.

Hopefully this answers your question. Two facts about Network rules: (1) they are global and (2) they have the final say on how ports are controlled (i.e. opened or closed). The easiest way to view Application rules is that they are for your approved/trusted apps to allow net access (although you can also block specific programs here, too). Once a program is in the AppMon, they have have net access through the context of NetMon.

As I understand it, application monitor rules determine whether an application can get out or not and the network monitor rules determine how it gets out.

Creating an application monitor rule does not guarantee access if there is no network monitor rule that allows the required communications.

Ewen :slight_smile: