WatchGuard Firebox System 4.6 User Guide


watchguard.com
13.07.2015

7 You can add multiple services to the Services Arena while the Services dialog box is open. When you finish adding services, click Close.
  The Services Arena displays an icon for each service added.
8 Click File => Save => To Firebox to save your changes to the Firebox. Specify the location and name of the new configuration file.

Creating a new service

In addition to well-known services, you can create and add a new or custom service.

From Policy Manager:

1 On the toolbar, click Add Services.
2 Click New.
3 Enter the name of the new service.
  It must be a unique name not already listed under Services in the Services dialog box.
4 Enter a description of the new service.
  The description appears in the Details section of the Services dialog box when you select the service.
5 Click Add.
  Use the Add Port dialog box to configure the port for the new service.
6 Use the Protocol drop list to select a protocol:
    TCP: TCP-based services
    UDP: UDP-based services
    HTTP: Services examined by the HTTP proxy
    IP: Filter a service using something other than TCP (protocol number 6) or UDP (protocol 17) for the next-level protocol. Select IP to create a protocol number service.
7 Use the Client Port drop list to select a client port:
    Ignore: Client ports will ignore the source port.
    Secure: Client is dynamically allocated a port less than 1024 (for secure services such as SSH).
    Port: Client port uses same port as listed in the Port number field of the service’s icon.
    Client: Client is dynamically allocated a port above 1000.

8 In the Port text box, enter the well-known port number for this service.
  For a list of well-known services and their associated ports, see the Reference Guide or Online Help.
9 Click OK.
  Policy Manager adds the port configuration to the New Service dialog box.
10 Verify that the name, description, and configuration of this service are correct.
11 Click Add to configure another port for this service. Repeat the process until all ports for the service are configured. When you finish, click OK.
  The Services dialog box appears with the new service. You can now add the custom service to the Services Arena just as you would an existing service. For more information, see “Adding an existing service” on page 47.
12 Click File => Save => To Firebox to save your changes to the Firebox. Specify the location and name of the new configuration file.

Defining service properties

Use the Properties dialog box to configure a service’s incoming and outgoing access rules. Defining service properties includes:

• Adding incoming hosts, networks, and users
• Adding outgoing hosts, networks, and users

The Properties dialog box for a typical service displays Incoming and Outgoing tabs. The Incoming tab defines which hosts and users outside the Firebox can use the service to initiate sessions with your protected users and hosts. The Outgoing tab defines which hosts and users behind the Firebox can use the service to initiate sessions with an outside host. You can make any service a one-directional filter by setting the Connections Are drop list to Disabled.

After defining service properties, you need to save your configuration file, as described at the end of the previous procedures.

Adding incoming service properties

From Policy Manager:

1 In the Services Arena, double-click the service.
  The Properties dialog box appears, displaying the Incoming tab.
2 Use the Incoming Connections Are drop list to select Enabled and Allowed.
3 To define specific external users or hosts that the service will allow in, click Add beneath the From list.
  The Add Address dialog box appears. For a description, see “Adding addresses to service properties” on page 50.
4 To define specific destinations within the Trusted network that can receive through the service, click Add beneath the To list.
5 To customize logging and notification for incoming traffic for this service, click Logging. Configure logging and notification according to your security policy preferences.
  For a description of each control, right-click the control and then click What’s This?
6 Click OK.
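
As an added illustration (a simplified model written for this page, not WatchGuard code or the Firebox's actual matching logic), the Python below shows how a port entry's Client Port setting and a service's incoming From and To lists together decide whether one connection matches. The Service and PortEntry classes, the service name, and the sample addresses are constructed; treating list entries as CIDR networks, with an empty list matching nothing, is an assumption.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

def client_port_ok(setting, src_port, service_port):
    """Apply one of the guide's four Client Port choices to a source port."""
    if setting == "Ignore":
        return True                       # source port is not examined
    if setting == "Secure":
        return src_port < 1024            # "a port less than 1024"
    if setting == "Port":
        return src_port == service_port   # same port as the Port field
    if setting == "Client":
        return src_port > 1000            # "a port above 1000"
    raise ValueError(f"unknown Client Port setting: {setting}")

@dataclass
class PortEntry:                          # one row from the Add Port dialog box
    protocol: str                         # "TCP" or "UDP" in this model
    client_port: str                      # Ignore, Secure, Port or Client
    port: int

@dataclass
class Service:                            # hypothetical model of a custom service
    name: str
    ports: list
    incoming: str = "Disabled"            # Incoming Connections Are drop list
    from_nets: list = field(default_factory=list)  # From list (external sources)
    to_nets: list = field(default_factory=list)    # To list (Trusted destinations)

    def allows_incoming(self, proto, src, sport, dst, dport):
        """True only if this service, on its own, admits the connection."""
        if self.incoming != "Enabled and Allowed":
            return False
        # Assumption: list entries are CIDR networks and an empty list matches nothing.
        if not any(ip_address(src) in ip_network(n) for n in self.from_nets):
            return False
        if not any(ip_address(dst) in ip_network(n) for n in self.to_nets):
            return False
        return any(e.protocol == proto and e.port == dport
                   and client_port_ok(e.client_port, sport, e.port)
                   for e in self.ports)

# Constructed sample: custom TCP service on port 8443, documentation address ranges.
SAMPLE = Service("AppSync", [PortEntry("TCP", "Client", 8443)],
                 incoming="Enabled and Allowed",
                 from_nets=["203.0.113.0/24"], to_nets=["10.0.1.20/32"])

if __name__ == "__main__":
    print(SAMPLE.allows_incoming("TCP", "203.0.113.7", 40000, "10.0.1.20", 8443))  # True
    print(SAMPLE.allows_incoming("TCP", "203.0.113.7", 900, "10.0.1.20", 8443))    # False
```

The second call fails only because source port 900 does not satisfy the Client setting, which shows that a Client Port choice other than Ignore narrows what the service matches beyond the From and To lists.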
