Blocking Ports - Watchguard Firebox X20E User Manual

Firmware version 8.6, all Firebox X Edge e-Series standard and wireless models

3. Select the "Auto-block hosts that send traffic that is denied by the default policy" check box to add the IP addresses of any site denied by the Edge's default firewall policy to the temporary Blocked Sites list. To understand your Edge's default firewall policy, look at Firewall > Incoming. If you enable the auto-block feature, the source IP address of any traffic that is denied by the Edge because there is no rule to allow it will be added to the auto-blocked sites list.

4. Change the amount of time a site stays on the auto-blocked sites list with the "Duration for automatically blocked sites" drop-down list.

5. You can create exceptions to the auto-blocked sites rules. No traffic from an IP address on the Auto-block exceptions list is ever blocked by the auto-blocking feature. Use the drop-down list to select whether you want to enter a host IP address, a network address, or a range of IP addresses. Type the value in the adjacent text box and click Add.
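
The behaviour described in steps 3 to 5, as an added Python model that is not WatchGuard code and not part of the manual: it shows how host, network, and range exceptions keep a source off the temporary list and how the duration expires a block. The class and function names, the sample addresses (documentation ranges), the 20-minute duration, and the rule that a repeated denial restarts the timer are assumptions.

```python
import ipaddress
from datetime import datetime, timedelta

def parse_exception(entry):
    """Return (first, last) bounds for a host, a CIDR network, or an 'a-b' range."""
    if "-" in entry:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if lo > hi:
            raise ValueError(f"range start is after range end: {entry}")
        return lo, hi
    net = ipaddress.ip_network(entry, strict=False)  # a bare host parses as /32
    return net[0], net[-1]

class AutoBlockModel:
    """Simplified model of the auto-block behaviour; not the Edge's firmware logic."""

    def __init__(self, duration, exceptions):
        self.duration = duration
        self.exceptions = [parse_exception(e) for e in exceptions]
        self.blocked = {}  # source address -> time the temporary block expires

    def is_exception(self, ip):
        return any(lo <= ip <= hi for lo, hi in self.exceptions)

    def record_default_deny(self, src, when):
        """Called for traffic denied because no rule allows it. True if src was listed."""
        ip = ipaddress.ip_address(src)
        if self.is_exception(ip):
            return False  # exception entries are never auto-blocked
        # Assumption: a repeated denial restarts the timer.
        self.blocked[ip] = when + self.duration
        return True

    def is_blocked(self, src, when):
        expiry = self.blocked.get(ipaddress.ip_address(src))
        return expiry is not None and when < expiry

def demo():
    """Run constructed sample denials through the model."""
    t0 = datetime(2024, 1, 1, 12, 0)
    model = AutoBlockModel(timedelta(minutes=20),
                           ["203.0.113.10", "198.51.100.0/24", "192.0.2.50-192.0.2.60"])
    listed = {src: model.record_default_deny(src, t0)
              for src in ["203.0.113.10", "198.51.100.77", "192.0.2.55", "192.0.2.61"]}
    return listed, model.is_blocked("192.0.2.61", t0 + timedelta(minutes=19)), \
        model.is_blocked("192.0.2.61", t0 + timedelta(minutes=20))

if __name__ == "__main__":
    print(demo())
```

Only 192.0.2.61 is listed, because it falls one address outside the excepted range; a management or monitoring host that may send traffic the default policy denies belongs on the exceptions list before auto-block is enabled.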

Blocking Ports

You can block the ports that you know can be used to attack your network. This stops specified external network services. When you block a port, you override all the rules in your firewall configuration.

You can block a port because:

- Blocking ports protects your most sensitive services. The feature helps protect you from errors in your Firebox® configuration.
- Probes against sensitive services can make independent log entries.

By default, the Edge is configured to block these ports:

X Window System (ports 6000-6005)
    The X Window System (or X-Windows) client connection is not encrypted and is dangerous to use on the Internet.