A data communication firewall may generally include a hardware or software filter that prevents data packets from either entering or leaving a network unless specifically authorized. A firewall may be provided as a program executed on a user's computer (“host firewall”), or as a dedicated machine provided at an edge of a network (“edge firewall”). To control the flow of network traffic, numbered ports in the firewall are either opened or closed to packets depending upon security settings applied by the firewall. Such security settings may include various rules, and are used to implement desired firewall operation. The settings applied may vary depending on a class of a network with which a device communicates. Further, requesters, such as users, applications, and services, may utilize firewall administration rights to set exceptions to the firewall rules which may open one or more ports and enable network traffic that would otherwise, be blocked and/or limited.
If exceptions enabled for one network remain enabled for other networks after the occurrence of a certain event, or events, security risk may be increased. In one example, a firewall may manage traffic over a first network using a rule having an exception enabled for the first network. The first network may have a high security setup and/or infrastructure. However, the firewall may also manage traffic over a second network that is less secure in terms of its security setup and/or infrastructure. As such, if the exception enabled for the first network is applied to communication over the second network, there may be an unintended increased security risk with respect to the second network. Alternatively, if the exception is applied only to the first network, a requester may need to repeatedly enable the exception for the second and any additional networks, thus degrading usability and/or efficiency.