WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies WSM User Guide - WatchGuard Technologies
Packet Filter PoliciesCharacteristics• Internet Protocol(s): TCP• Port Number(s): 1755, 80NetMeetingNetMeeting is a product developed by Microsoft Corporation that enables groups to teleconferenceacross the Internet. It is included with Microsoft’s Internet Explorer web browser. This policy is based onthe H.323 protocol and does not filter for dangerous content. It does not support QoS or rsvp protocol,and it does not support NAT.Characteristics• Internet Protocol(s): TCP• Port Number(s): 1720, 389NFSThe Network File System (NFS) protocol is a client server software application created by Sun Microsystemsto allow all network users to get access to shared files kept on computers of different types.Characteristics• Internet Protocol(s): TCP and UDP• Port Number(s): TCP 2049, UDP 2049NNTPNetwork News Transfer Protocol (NNTP) is used to transmit Usenet news articles.The best procedure to use NNTP is to set internal hosts to internal news servers and external hosts tonews feeds. In most conditions NNTP must be enabled in two directions. If you operate a public newsfeed,you must allow NNTP connections from all external hosts. WatchGuard cannot make sure thatthese packets were sent from the correct location.You can configure the Firebox to add the source IP address to the Blocked Sites list when an incomingNNTP connection is denied. All of the usual log options can be used with NNTP.Characteristics• Internet Protocol(s): TCP• Port Number(s): 119NTPNetwork Time Protocol (NTP) is a protocol built on TCP/IP that controls local timekeeping. It synchronizescomputer clocks with other clocks located on the Internet.Characteristics• Internet Protocol(s): UDP and TCP388 WatchGuard System Manager
Packet Filter Policies• Port Number(s): TCP 123 and UDP 123OSPFOpen Shortest Path First (OSPF) is a routing protocol developed for IP networks based on the link-statealgorithm. OSPF is quickly replacing the use of RIP on the Internet because it gives smaller, more frequentupdates to routing tables and makes networks more stable.Characteristics• Internet Protocol(s): OSPF• Protocol Number(s): 89pcAnywherepcAnywhere is a software application used to get remote access to Windows computers. To enable thisprotocol, add the PCAnywhere policy. Then, allow access from the hosts on the Internet that must getaccess to internal pcAnywhere servers, and to the internal pcAnywhere servers.pcAnywhere is not a very secure policy and can put network security at risk, because it allows trafficthrough the firewall without authentication. Also, your pcAnywhere server can receive denial-of-serviceattacks. We recommend that you use VPN options to give more security.Characteristics• Internet Protocol(s): UDP and TCP• Port Number(s): UDP 22, UDP 5632, TCP 5631, TCP 65301pingYou can use ping to confirm if a host can be found and is operating on the network. To find DOS-basedor Windows-based traceroute packets, configure a ping policy.Outgoing ping is a good tool for troubleshooting. We do not recommend you enable ping connectionsincoming to your trusted network.Characteristics• Internet Protocol(s): ICMP• Protocol Number(s): 1POP2 and POP3POP2 and POP3 (Post Office Protocol) are e-mail transport protocols, usually used to get a user’s e-mailfrom a POP server.Characteristics• Internet Protocol(s): TCP• Port Number(s): 109 (POP2), and 110 (POP3)User Guide 389
- Page 356 and 357: Using BGPRegion Registry Name Web S
- Page 358 and 359: Using BGPConfiguring Fireware Pro t
- Page 360 and 361: Using BGP342 WatchGuard System Mana
- Page 362 and 363: Selecting a Primary High Availabili
- Page 364 and 365: Configuring HA for Firebox X (non e
- Page 366 and 367: Upgrading Software in an HA Configu
- Page 368 and 369: (B) To use the SOFTWARE PRODUCT on
- Page 370 and 371: RENEWAL/UPGRADE REQUEST WILL NOT BE
- Page 372 and 373: conditions of use by WatchGuard of
- Page 374 and 375: LicensesDATA, OR PROFITS; OR BUSINE
- Page 376 and 377: Licenses"Derivative Works" shall me
- Page 378 and 379: LicensesANY DIRECT, INDIRECT, INCID
- Page 380 and 381: Licenses2. You may modify your copy
- Page 382 and 383: Licenses8. You may not copy, modify
- Page 384 and 385: LicensesYou may charge a fee for th
- Page 386 and 387: LicensesINCLUDING, BUT NOT LIMITED
- Page 388 and 389: Licenses1.2. "Compilation" means a
- Page 390 and 391: LicensesTHE VRT CERTIFIED RULES AND
- Page 392 and 393: LicensesNoteAll other trademarks or
- Page 394 and 395: Default File LocationsFile TypeHelp
- Page 396 and 397: Default File Locations378 WatchGuar
- Page 398 and 399: Packet Filter PoliciesAOLThe Americ
- Page 400 and 401: Packet Filter PoliciesCharacteristi
- Page 402 and 403: Packet Filter PoliciesCharacteristi
- Page 404 and 405: Packet Filter PoliciesIRCInternet R
- Page 408 and 409: Packet Filter PoliciesPPTPPPTP is a
- Page 410 and 411: Packet Filter PoliciesSecurIDRSA Se
- Page 412 and 413: Packet Filter PoliciesCharacteristi
- Page 414 and 415: Packet Filter Policies• Port Numb
- Page 416 and 417: Packet Filter PoliciesWG-SmallOffic
- Page 418 and 419: Proxied Policiesmessages to flow fr
- Page 420 and 421: about SYN flood setting 137address
- Page 422 and 423: Domain Name System. See DNSDon’t
- Page 424 and 425: selecting for tunnel 247Gateways di
- Page 426 and 427: icon on toolbar for 4installing on
- Page 428 and 429: Perfect Forward Secrecy 248Performa
- Page 430 and 431: Secondary Networks dialog box 107Se
- Page 432: Wand strong passwords 227and WatchG
Packet Filter PoliciesCharacteristics• Internet Protocol(s): TCP• Port Number(s): 1755, 80NetMeetingNetMeeting is a product developed by Microsoft Corporation that enables groups to teleconferenceacross the Internet. It is included with Microsoft’s Internet Explorer web browser. This policy is based onthe H.323 protocol and does not filter for dangerous content. It does not support QoS or rsvp protocol,and it does not support NAT.Characteristics• Internet Protocol(s): TCP• Port Number(s): 1720, 389NFSThe Network File System (NFS) protocol is a client server software application created by Sun Microsystemsto allow all network users to get access to shared files kept on computers of different types.Characteristics• Internet Protocol(s): TCP and UDP• Port Number(s): TCP 2049, UDP 2049NNTPNetwork News Transfer Protocol (NNTP) is used to transmit Usenet news articles.The best procedure to use NNTP is to set internal hosts to internal news servers and external hosts tonews feeds. In most conditions NNTP must be enabled in two directions. If you operate a public newsfeed,you must allow NNTP connections from all external hosts. <strong>WatchGuard</strong> cannot make sure thatthese packets were sent from the correct location.You can configure the Firebox to add the source IP address to the Blocked Sites list when an incomingNNTP connection is denied. All of the usual log options can be used with NNTP.Characteristics• Internet Protocol(s): TCP• Port Number(s): 119NTPNetwork Time Protocol (NTP) is a protocol built on TCP/IP that controls local timekeeping. It synchronizescomputer clocks with other clocks located on the Internet.Characteristics• Internet Protocol(s): UDP and TCP388 <strong>WatchGuard</strong> System Manager