WatchGuard Firebox System 4.6 User Guide
WatchGuard Firebox System 4.6 User Guide WatchGuard Firebox System 4.6 User Guide
Online HelpContext-sensitive HelpIn addition to the regular online Help system, context-sensitive or What’s This? Helpis also available. What’s This? Help provides a definition and useful information onfields and buttons in the dialog boxes. To access What’s This? Help:1 Right-click any field or button.2 Click What’s This? when it appears.A box appears with the field name on the top and information about the field beneath it.3 To print or save the Help box as a separate file, right-click the Help field.A menu offering Copy or Print appears.4 Select the menu item you want.5 When you are done, left-click anywhere outside the box to dismiss it.Context-sensitive Help does not currently support the questionmark icon.16
CHAPTER 3WatchGuard OptionsThe WatchGuard Firebox System is enhanced by optional features designed toaccommodate the needs of different customer environments and securityrequirements.Currently available optionsVPN ManagerWatchGuard VPN Manager is a centralized module for creating and managing thenetwork security of an organization that uses the Internet to conduct business. VPNManager can administer and monitor an enterprise’s sum total of Fireboxes, log hosts,networks, and VPN tunnels. VPN Manager also contains the controls to launch theapplications of the WatchGuard Firebox System.High AvailabilityHigh Availability enables one Firebox to take over when another fails. When usingHigh Availability, you place two Fireboxes and the Management Station on thetrusted network and provide each Firebox with the same configuration file. The firstFirebox manages traffic and protects the network while the second waits in a passive,listening mode. If the first Firebox fails for any reason, the second Fireboximmediately takes over. When the first Firebox returns to functioning capacity, thesecond Firebox again takes the passive role, ensuring that your network is constantlyprotected.To use High Availability, purchase the High Availability option as well as a secondFirebox of the same model as your first.Mobile User VPNMobile User VPN is the WatchGuard IPSec implementation of remote user virtualprivate networking. Mobile User VPN connects an employee on the road or workingUser Guide 17
- Page 1 and 2: WatchGuard ®Firebox SystemUser Gu
- Page 3 and 4: condition that you accept all of th
- Page 5: Declaration of ConformityWatchGuard
- Page 8 and 9: Resetting Firebox passphrases .....
- Page 10 and 11: CHAPTER 15 Reviewing and Working wi
- Page 12 and 13: WatchGuard Firebox System component
- Page 14 and 15: Minimum requirementsHardware requir
- Page 17 and 18: CHAPTER 1LiveSecurity ServiceNo Int
- Page 19 and 20: LiveSecurity broadcasts• The Lice
- Page 21 and 22: CHAPTER 2Technical SupportDevelopin
- Page 23 and 24: TrainingAfter you enter your LiveSe
- Page 25: Online Help• On any platform, bro
- Page 29 and 30: PART IIIConfiguring a SecurityPolic
- Page 31 and 32: CHAPTER 4Firebox BasicsThis chapter
- Page 33 and 34: Opening a configuration fileOpening
- Page 35 and 36: Setting the time zone• Use a comb
- Page 37 and 38: CHAPTER 5Using the WatchGuardContro
- Page 39 and 40: Control Center componentsThe first
- Page 41 and 42: Policy ManagerManipulating the Traf
- Page 43 and 44: Historical ReportsHistorical Report
- Page 45 and 46: CHAPTER 6Configuring a NetworkConfi
- Page 47 and 48: Setting up a routed network• All
- Page 49 and 50: Defining a host routeDefining a hos
- Page 51 and 52: Defining a Firebox as a DHCP server
- Page 53 and 54: CHAPTER 7Blocking Sites and PortsMa
- Page 55 and 56: Blocking a port permanently3 In the
- Page 57 and 58: CHAPTER 8Configuring ServicesThe Se
- Page 59 and 60: Defining service properties8 In the
- Page 61 and 62: Modifying a serviceThe following ex
- Page 63 and 64: Setting up proxy servicesSelecting
- Page 65 and 66: Setting up proxy servicesand transm
- Page 67 and 68: Service precedencecheck. In the lat
- Page 69 and 70: CHAPTER 9Controlling Web TrafficWeb
- Page 71 and 72: Configuring the WebBlocker serviceP
- Page 73 and 74: CHAPTER 10Setting Up NetworkAddress
- Page 75 and 76: Using service-based NATUsing servic
CHAPTER 3<strong>WatchGuard</strong> OptionsThe <strong>WatchGuard</strong> <strong>Firebox</strong> <strong>System</strong> is enhanced by optional features designed toaccommodate the needs of different customer environments and securityrequirements.Currently available optionsVPN Manager<strong>WatchGuard</strong> VPN Manager is a centralized module for creating and managing thenetwork security of an organization that uses the Internet to conduct business. VPNManager can administer and monitor an enterprise’s sum total of <strong>Firebox</strong>es, log hosts,networks, and VPN tunnels. VPN Manager also contains the controls to launch theapplications of the <strong>WatchGuard</strong> <strong>Firebox</strong> <strong>System</strong>.High AvailabilityHigh Availability enables one <strong>Firebox</strong> to take over when another fails. When usingHigh Availability, you place two <strong>Firebox</strong>es and the Management Station on thetrusted network and provide each <strong>Firebox</strong> with the same configuration file. The first<strong>Firebox</strong> manages traffic and protects the network while the second waits in a passive,listening mode. If the first <strong>Firebox</strong> fails for any reason, the second <strong>Firebox</strong>immediately takes over. When the first <strong>Firebox</strong> returns to functioning capacity, thesecond <strong>Firebox</strong> again takes the passive role, ensuring that your network is constantlyprotected.To use High Availability, purchase the High Availability option as well as a second<strong>Firebox</strong> of the same model as your first.Mobile <strong>User</strong> VPNMobile <strong>User</strong> VPN is the <strong>WatchGuard</strong> IPSec implementation of remote user virtualprivate networking. Mobile <strong>User</strong> VPN connects an employee on the road or working<strong>User</strong> <strong>Guide</strong> 17
Change language