WatchGuard Firebox System 7.0 User Guide
Share Embed Flag
Download ePaper

WatchGuard Firebox System 7.0 User Guide

WatchGuard Firebox System 7.0 User Guide WatchGuard Firebox System 7.0 User Guide

watchguard.com
from watchguard.com More from this publisher
11.07.2015 Views

Blocked Ports dialog box 191, 192Blocked Ports list 191blocked servicesNetBIOS 190Novel IPX over IP 190OpenWindows 190rcp 190rlogin 190RPC portmapper 190rsh 190X Font server 189X Window 189blocked sitesand Firebox interfaces 185and IDS applications 194auto-block duration 187auto-blocked 185blocking with service settings 192changing auto block duration 187described 185dynamic 192exceptions to 187in System Manager 90logging and notification 188permanent 184, 185removing 187, 191storing in external file 187temporary 192viewing list of 193Blocked Sites dialog box 186, 187,219Blocked Sites Exceptions dialogbox 187Blocked Sites listdescribed 179, 193exceptions to 187viewing 96, 193BOVPN Upgrade 7Ccablesconnecting to Firebox 38included with Firebox 24certificate authority, Firebox as 127certificatesviewing CA fingerprint 77viewing expiration date and timeof 77viewing status of 77CHAP authentication 172configuration fileand Policy Manager 49basic 40customizing 44opening 49opening from Firebox 50opening from local drive 50rebooting Firebox after saving 51saving 51saving to Firebox 51saving to local drive 53starting new 58configuration modeschoosing 32, 41setting using Policy Manager 58Connect to Firebox dialog box 74, 84context-sensitive help 17controld 226controld.wgc 230CRYPTOCard serverauthentication 173, 174custom program, as notification 130,216DDCE 112DCE-RPC, and NAT 112default gatewaysentering 41for Firebox interfaces 59setting 60viewing IP address of 77default packet handlingand intrusion detection 194blocking address space probes 180blocking IP options attacks 180blocking port space probes 180blocking spoofing attacks 178blocking SYN Flood attacks 181described 178logging and notification for 218Default Packet Handling dialogbox 179, 180, 181, 182, 219Define Exceptions dialog box 261deny messagescopying 82issuing ping or traceroutecommand for 82SMTP proxy 140DHCP 66DHCP serveradding subnets 67280 WatchGuard Firebox System

default lease time for 67described 66enabling 127lease times 66maximum lease time for 67modifying subnets 68not using Firebox as 66removing subnets 68setting up Firebox as 66DHCP Server dialog box 66DHCP Subnet Properties dialogbox 67DHCP support on externalinterface 35, 41, 60, 61dialog boxes1-1 Mapping 111Add Address 109, 126, 163Add Exception 105, 111Add External IP 108Add External IP Address 109Add Firebox Group 169Add Member 126, 164Add Port 121Advanced 61, 62Advanced NAT Settings 105, 111Aliases 163Authentication Servers 168, 170,172, 174, 175Blocked Ports 192Blocked Sites 186, 187, 219Blocked Sites Exceptions 187Connect to Firebox 74, 84Default Packet Handling 179, 180,181, 182, 219default packet handling 179Define Exceptions 261DNS-Proxy Properties 157Firebox Authentication 166Firebox Flash Disk 54Firebox Name 55Host Alias 164HTTP Properties 152HTTP Proxy 261Incoming SMTP Proxy 138Incoming SMTP ProxyProperties 144Logging and Notification 128,188, 218Logging Setup 205, 206NAT Setup 105, 111Network Configuration 59, 64New Firebox Configuration 51, 54New Service 120Outgoing SMTP Proxy 147PAD Rules for DNS Proxy 157PAD Rules for FTP Proxy 150PAD Rules for SMTP Proxy 145Report Properties 238, 240service Properties 117, 120, 124,193Services 118, 120Set Log Encryption Key 231Setup Firebox User 169, 170Setup Routes 70SMTP Properties 145SMTP Proxy Properties 138, 140Time Filters 238WebBlocker Utility 254dial-up connection, for out-of-bandmanagement 267, 268DMZ (Demilitarized Zone) 29DNS proxyadding 156and file descriptor limit 158and NAT 158and security policy 115described 155enabling protocol anomalydetection 157DNS server addresses 65DNS-Proxy Properties dialog box 157drop-in configurationbenefits and drawbacks of 32characteristics 31described 30setting IP addresses in 59setting optional properties 62DVCP server, creating 127dvcp_local_nets 105, 112, 163dvcp_nets 105, 112, 163dynamic IP support. See DHCPsupport, PPPoE supportdynamic NAT. See NAT, dynamicdynamically blocked sites 192Eelectronic page, as notification 129emailas notification 129blocking address patterns 143blocking file-name patterns 142denying attachments 142protecting against relaying 143screening with SMTP proxy 137selecting headers to allow 143User Guide 281

default lease time for 67described 66enabling 127lease times 66maximum lease time for 67modifying subnets 68not using <strong>Firebox</strong> as 66removing subnets 68setting up <strong>Firebox</strong> as 66DHCP Server dialog box 66DHCP Subnet Properties dialogbox 67DHCP support on externalinterface 35, 41, 60, 61dialog boxes1-1 Mapping 111Add Address 109, 126, 163Add Exception 105, 111Add External IP 108Add External IP Address 109Add <strong>Firebox</strong> Group 169Add Member 126, 164Add Port 121Advanced 61, 62Advanced NAT Settings 105, 111Aliases 163Authentication Servers 168, 170,172, 174, 175Blocked Ports 192Blocked Sites 186, 187, 219Blocked Sites Exceptions 187Connect to <strong>Firebox</strong> 74, 84Default Packet Handling 179, 180,181, 182, 219default packet handling 179Define Exceptions 261DNS-Proxy Properties 157<strong>Firebox</strong> Authentication 166<strong>Firebox</strong> Flash Disk 54<strong>Firebox</strong> Name 55Host Alias 164HTTP Properties 152HTTP Proxy 261Incoming SMTP Proxy 138Incoming SMTP ProxyProperties 144Logging and Notification 128,188, 218Logging Setup 205, 206NAT Setup 105, 111Network Configuration 59, 64New <strong>Firebox</strong> Configuration 51, 54New Service 120Outgoing SMTP Proxy 147PAD Rules for DNS Proxy 157PAD Rules for FTP Proxy 150PAD Rules for SMTP Proxy 145Report Properties 238, 240service Properties 117, 120, 124,193Services 118, 120Set Log Encryption Key 231Setup <strong>Firebox</strong> <strong>User</strong> 169, 170Setup Routes 70SMTP Properties 145SMTP Proxy Properties 138, 140Time Filters 238WebBlocker Utility 254dial-up connection, for out-of-bandmanagement 267, 268DMZ (Demilitarized Zone) 29DNS proxyadding 156and file descriptor limit 158and NAT 158and security policy 115described 155enabling protocol anomalydetection 157DNS server addresses 65DNS-Proxy Properties dialog box 157drop-in configurationbenefits and drawbacks of 32characteristics 31described 30setting IP addresses in 59setting optional properties 62DVCP server, creating 127dvcp_local_nets 105, 112, 163dvcp_nets 105, 112, 163dynamic IP support. See DHCPsupport, PPPoE supportdynamic NAT. See NAT, dynamicdynamically blocked sites 192Eelectronic page, as notification 129emailas notification 129blocking address patterns 143blocking file-name patterns 142denying attachments 142protecting against relaying 143screening with SMTP proxy 137selecting headers to allow 143<strong>User</strong> <strong>Guide</strong> 281

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!