When configuring the Firewall Rules for a protected host, you will not see any out-of-the-box rule that allows communication between the Deep Security Manager and the Agent.
To enable the communication between the Manager and the Agents, the Manager automatically implements a (hidden) Firewall Rule (priority four, Bypass), which opens port 4118 on the Agents to incoming TCP/IP traffic.
The default settings open the port to any IP address and any MAC address.
You can restrict incoming traffic on this port by creating a new priority 4 Force Allow or Bypass Firewall Rule that only allows incoming TCP/IP traffic from specific IP and/or MAC addresses.
This new Firewall Rule will replace the hidden one if its settings match the following:
Filter Action: Force Allow or Bypass
Priority: 4 - Highest
Packet Direction: Incoming
Frame Type: IP
Packet Destination Port: 4118
As long as these settings are in effect, the new rule replaces the hidden one. You can then enter Packet Source information (IP and/or MAC addresses) to restrict traffic to the host.
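
The following check is an added example, not Trend Micro code. It audits a host's rule list for the three outcomes described above: no matching rule (hidden rule still active), a matching rule with no Packet Source (port 4118 still open to any address), and a matching rule that restricts the source. The dictionary field names are a hypothetical representation of a rule, not the Deep Security API or export schema, and the sample rules are constructed.

```python
# Added example. Field names are a hypothetical representation of a rule,
# not the Deep Security API or export schema.
from ipaddress import ip_network

REQUIRED = {"direction": "incoming", "frame_type": "ip",
            "priority": 4, "dest_port": 4118}
REPLACING_ACTIONS = {"force allow", "bypass"}

def replaces_hidden_rule(rule):
    """True if the rule matches every setting the article lists."""
    if str(rule.get("action", "")).lower() not in REPLACING_ACTIONS:
        return False
    for key, want in REQUIRED.items():
        got = rule.get(key)
        got = got.lower() if isinstance(got, str) else got
        if got != want:
            return False
    return True

def source_is_restricted(rule):
    """True if Packet Source is narrowed by IP and/or MAC (not 'any')."""
    ips = rule.get("source_ips") or []
    macs = rule.get("source_macs") or []
    # A /0 network matches every address, so it does not count as a restriction.
    ip_limited = bool(ips) and all(
        ip_network(i, strict=False).prefixlen > 0 for i in ips)
    return ip_limited or bool(macs)

def audit(rules):
    """Classify one host's rule list with respect to port 4118."""
    replacing = [r for r in rules if replaces_hidden_rule(r)]
    if not replacing:
        return "hidden-rule-active"        # 4118 still open to any source
    if all(source_is_restricted(r) for r in replacing):
        return "restricted"
    return "replaced-unrestricted"         # matching rule, but source is any

# Constructed sample rules (192.0.2.10 stands in for the Manager's address).
BASE = {"action": "Force Allow", "priority": 4, "direction": "Incoming",
        "frame_type": "IP", "dest_port": 4118}
GOOD = dict(BASE, source_ips=["192.0.2.10"])
WRONG_PRIORITY = dict(GOOD, priority=3)    # does not replace the hidden rule
NO_SOURCE = dict(BASE)                     # replaces it, restricts nothing

if __name__ == "__main__":
    for name, rules in [("good", [GOOD]), ("wrong priority", [WRONG_PRIORITY]),
                        ("no source", [NO_SOURCE])]:
        print(f"{name}: {audit(rules)}")
```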