HP SuperStack Firewall Series Instrukcja Użytkownika Strona 161
- Strona / 214
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Using Network Access Policy Rules 161
Restoring the default rules will delete all custom rules and Public LAN
Servers. If an IKE VPN Security Association has been created, a service will
need to be recreated to permit IKE negotiations.
Protocols/Services to Filter
Although the Firewall is shipped in a safe mode by default, the user can
alter the Policy Rules and potentially cause the Firewall to be vulnerable to
attacks. Therefore, before any modifications are made, the user should be
aware of which services are of most risk to the private LAN.
The following table shows the protocols that are inherently vulnerable to
abuse and should be blocked from entering or leaving the site.
Ta b le 6
Protocol Definitions and Characteristics
Protocol Name
Port
Number Risk
TFTP-Trivial FTP 69 This protocol can be used to boot diskless
workstations, terminal servers and routers,
and can also be used to read any file on the
system, if set up incorrectly.
X Windows 6000+ This can leak information from X window
displays including all keystrokes.
DNS-Domain Names
Service
53 The DNS service contains names of hosts
and information about hosts that could be
helpful to attackers.
RIP-Routing
Information Protocol
520 This service can be used to redirect packet
routing.
UUCP-UNIX-to-UNIX
CoPy
540 If this service is not properly configured, it
can be used for unauthorized access.
Open Windows 2000 This protocol can also leak information
about what keystrokes are depressed.
RPC-Remote Call
Procedure
111 The RPC services, including NIS and NFS,
can be used to steal system information
such as passwords and read to write files.
Rexec
Rlogin
Rsh
512
513
514
These protocols can permit unauthorized
access to accounts and commands
Other services, whether inherently
dangerous or not, should be restricted to
only those systems that need them as
shown below:
DUA1611-0AAA02.book Page 161 Thursday, August 2, 2001 4:01 PM
- SuperStack 1
- Firewall 1
- User Guide 1
- 3Com Corporation 2
- 5400 Bayfront Plaza 2
- Santa Clara, California 2
- 95052-8145 2
- ONFIGURING THE 4
- ECHNICAL 10
- EGULATORY 10
- How to Use This 12
- Conventions 12
- Terminology 13
- 14 ABOUT THIS GUIDE 14
- Feedback about this 15
- Registration 16
- Chapter 1 Introduction 17
- NTRODUCTION 19
- Firewall and 3Com 20
- Network Supervisor 20
- Firewall Features 21
- LAN DMZ WAN 22
- Firewall Features 23 23
- Introduction to 25
- Networking (VPN) 25
- NSTALLING THE 27
- Positioning the 28
- Firewall Front Panel 29
- Firewall Rear Panel 31
- Redundant Power 31
- System (RPS) 31
- ETUP FOR THE 35
- Settingupa 36
- Configuring Basic 36
- Configuring Basic Settings 37 37
- Figure 8 Set Password Screen 38
- Figure 9 Set Time Zone screen 38
- Configuring WAN 39
- Figure 11 40
- Figure 12 41
- Configuring the Firewall 41
- Figure 13 42
- Configuring WAN Settings 43 43
- Configuring LAN 44
- Figure 16 45
- Configuring LAN Settings 45
- Confirming Firewall 46
- ETTINGS OF THE 51
- Examining the Unit 52
- Setting the 53
- Administrator 53
- Password 53
- Figure 23 54
- Set Time Window 54
- Setting the Time 55 55
- Changing the Basic 56
- Network Settings 56
- Specifying DMZ 59
- Addresses 59
- Settingupthe 60
- DHCP Server 60
- Figure 26 DHCP Setup Window 61
- 3com.com 62
- Viewing the DHCP 63
- Server Status 63
- Using the Network 64
- Diagnostic Tools 64
- ETTING UP 67
- ILTERING 67
- Filtering Web Sites 70
- Figure 30 Custom List Window 71
- Updating the Web 73
- Blocking Websites 75
- Filtering by User 75
- Figure 33 76
- Consent Window 76
- Filtering by User Consent 77 77
- 192.168.1.254/iAccept.html 77
- 192.168.1.254 77
- SING THE 79
- IAGNOSTIC 79
- Figure 34 80
- View Log Window 80
- Viewing the Log 81 81
- Changing Log and 82
- Alert Settings 82
- Generating Reports 87
- Restarting the 89
- Managing the 90
- Configuration File 90
- Figure 39 91
- Import Window 91
- Upgrading the 92
- Firewall Firmware 92
- Figure 41 93
- Upgrade Window 93
- Figure 44 98
- Services Window 98
- Changing Policy Services 99 99
- ETTING A 100
- Adding and 101
- Deleting Services 101
- Editing Policy Rules 103
- Editing Policy Rules 105 105
- Updating User 106
- Privileges 106
- Establishing an 108
- Authenticated 108
- Management 109
- Using the Firewall 110
- Business Telephone 110
- Automatic 111
- Proxy/Web Cache 111
- Forwarding 111
- Figure 49 112
- Proxy Relay Window 112
- Specifying Intranet 114
- Settings 114
- Figure 52 Intranet Window 116
- Setting Static 117
- Setting up 119
- One-to-One NAT 119
- Setting up One-to-One NAT 121 121
- ONFIGURING 123
- Figure 56 VPN Summary Window 124
- Configuring a VPN 125
- Security 125
- Association 125
- Shared Secret 130
- Configuring the 132
- Firewall to use a 132
- RADIUS Server 132
- Firewall-1 134
- Configuring the IRE 137
- VPN Client for use 137
- Figure 58 139
- VAILABILITY 141
- Configuring High 142
- Availability 142
- Figure 60 143
- High Availability Menu 143
- Configuration 145
- Checking High 146
- Availability Status 146
- Forcing Transitions 148
- Forcing Transitions 149 149
- DMINISTRATION AND 151
- ROUBLESHOOTING 151
- PERATIONS 153
- Activating the Web 156
- Site Filter 156
- Using Network 157
- Access Policy Rules 157
- Ta b le 6 161
- Resetting the 162
- Figure 63 163
- Firmware Upload Window 163
- Direct Cable 164
- Connection 164
- Direct Cable Connection 165 165
- 192.168.1.200 168
- Troubleshooting 170
- Frequently Asked 172
- Questions about 172
- IREWALL AND 173
- ETWORKING 173
- TTACK AND 175
- Intrusion Attacks 176
- Troja n Hor s e 177
- ■ 255.0.0.0 181
- ■ 255.255.0.0 181
- ■ 255.255.255.0 181
- Network Address 182
- Translation (NAT) 182
- Dynamic Host 183
- Protocol (DHCP) 183
- Virtual Private 184
- Network Services 184
- Internet 185
- PPENDICES 191
- NFORMATION 193
- Wichtige 194
- Sicherheitshinweise 194
- Sécurité 195
- Consignes 195
- Importantes de 195
- PPENDIX A: SAFETY INFORMATION 196
- PECIFICATIONS AND 197
- TANDARDS 197
- PECIFICATIONS 199
- Support from Your 202
- Network Supplier 202
- Support from 3Com 202
- Support from 3Com 203 203
- Asia, Pacific Rim 203
- Returning Products 204
- PPENDIX D: TECHNICAL SUPPORT 206
- NDEX 209 209
- NDEX 211 211
- 212 INDEX 212
- REGULATORY NOTICES 213
Powiązane produkty i podręczniki dla Routery HP SuperStack Firewall Series
Routery HP EX495 Instrukcja Użytkownika
(331 strony)
(331 strony)
Routery HP F150 Instrukcja Szybki Start
(26 strony)
(26 strony)
Routery HP Deskjet 6980 Instrukcja Użytkownika
(32 strony)
(32 strony)
Routery HP 10BASE-T Instrukcja Instalacji
(104 strony)
(104 strony)
Routery HP JL066AABA Arkusz Danych
(12 strony)
(12 strony)
Routery HP JG409A#ABB Arkusz Danych
(46 strony)
(46 strony)
Routery HP JF240A Arkusz Danych
(23 strony)
(23 strony)
Routery HP JF231A Arkusz Danych
(20 strony)
(20 strony)
Routery HP JD026A Arkusz Danych
(9 strony)
(9 strony)
Routery HP JE459A Arkusz Danych
(7 strony)
(7 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.099 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji