WatchGuard Firebox System 4.6 User Guide
Removing a blocked port

From the Blocked Ports dialog box, click a port number in the Blocked Ports list. Click Remove.

Logging and notification for blocked ports

From the Blocked Ports dialog box:

1 Click Logging.
  The Logging and Notification dialog box appears.
2 In the Category list, click Blocked Ports.
3 Modify the logging and notification parameters according to your security policy preferences.
  For detailed instructions, see “Customizing logging and notification by service or option” on page 76.

Blocking sites temporarily with service settings

Use service properties to automatically and temporarily block sites when incoming traffic attempts to use a denied service. You can use this feature to individually log, block, and monitor sites that attempt access to restricted ports on your network.

Configuring a service to temporarily block sites

Configure the service to automatically block sites that attempt to connect using a denied service. From Policy Manager:

1 Double-click the service icon in the Services Arena.
  The Properties dialog box appears.
2 Use the Incoming Service Connections Are drop list to select Enabled and Denied.
3 Enable the Auto-Block Sites that Attempt to Connect Via checkbox.
  To change the auto-block duration, see “Changing the auto-block duration” on page 44.

Viewing the Blocked Sites list

Use Firebox Monitors to view sites that are automatically blocked according to a service’s property configuration. From the Control Center:

1 On the QuickGuide, click the Firebox Monitors icon.
2 Click the Blocked Site List tab. (You might need to use the arrows to access this tab.)
  The Blocked Sites list appears.
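The following is an added example, not WatchGuard code or part of the original guide: a simplified Python model of the behavior that "Configuring a service to temporarily block sites" sets up, useful for reasoning about what should appear in the Blocked Sites list and when an entry should expire. The names FireboxModel, Service, build_model and replay are hypothetical, the 1800-second duration and all addresses are constructed, and the model assumes a blocked site is dropped on every port until its entry expires.

```python
from dataclasses import dataclass, field

@dataclass
class Service:
    port: int
    incoming: str             # "allowed" or "denied" ("Enabled and Denied")
    auto_block: bool = False  # the "Auto-Block Sites that Attempt to Connect Via" checkbox

@dataclass
class FireboxModel:
    services: dict            # port -> Service
    block_seconds: int        # auto-block duration (constructed value below)
    blocked: dict = field(default_factory=dict)  # site -> expiry time

    def blocked_sites(self, now):
        """Blocked Sites list at time `now`; expired entries are dropped."""
        self.blocked = {s: t for s, t in self.blocked.items() if t > now}
        return sorted(self.blocked)

    def handle(self, now, src, port):
        """Decide one incoming connection attempt."""
        if src in self.blocked_sites(now):
            return "drop: blocked site"   # assumption: applies to every port
        svc = self.services.get(port)
        if svc and svc.incoming == "allowed":
            return "allow"
        if svc and svc.auto_block:
            self.blocked[src] = now + self.block_seconds
            return "deny + auto-block"
        return "deny"

def build_model():
    # Constructed policy: telnet denied with auto-block, ftp denied, smtp allowed.
    services = {p: Service(p, i, a) for p, i, a in
                [(23, "denied", True), (21, "denied", False), (25, "allowed", False)]}
    return FireboxModel(services, block_seconds=1800)  # 1800 s is a constructed value

# Constructed events: (seconds, source address, destination port)
EVENTS = [(0, "203.0.113.7", 23), (10, "203.0.113.7", 25),
          (20, "198.51.100.4", 21), (30, "198.51.100.4", 25),
          (1900, "203.0.113.7", 25)]

def replay(model, events):
    return [model.handle(t, src, port) for t, src, port in events]

if __name__ == "__main__":
    for event, action in zip(EVENTS, replay(build_model(), EVENTS)):
        print(event, "->", action)
```

In the replay, only the source that touched the auto-block service lands on the list; the source that hit the denied service without the checkbox is denied but can still reach the allowed service.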
CHAPTER 8
Configuring Services

The Services Arena of Policy Manager displays an icon for each configured service. A service represents a particular type of proxy or packet-filtering connection such as FTP, SMTP, or proxied HTTP. A symbol next to the service indicates whether the service is configured for outgoing traffic, incoming traffic, or both. Services with no symbol are not active.

The Firebox System includes many well-known service types. You can also add unique or custom services. This feature accommodates new TCP/IP services as they are developed.

Adding an existing service

Add an existing, well-known service using the Services dialog box. From Policy Manager:

1 On the toolbar, click the Add Services icon (it appears as a plus sign (+)).
  You can also select Edit => Add Service.
2 Click to select a service from the list of available services.
  You can expand the tree to display all available services. When you click a service, the service icon appears in the dialog box, on the right side. Also, a Details box displays basic information about the service. For more information about individual services, see the “Types of Services” Appendix in the Reference Guide.
3 Click Add.
4 In the Comments text box, enter comments or a description of this version of the service, to assist with identification.
  Comments appear under the Properties tab in the Comments field of the Properties dialog box.
5 Click OK.
  The service’s Properties dialog box appears. For more information, see “Defining service properties” on page 49.
6 Click OK to close the Properties dialog box.