Schedules; Setting Up A Time-Scheduled Policy - D-Link NetDefend DFL-210 User Manual
Network security firewall ver. 1.05
Hide thumbs
Also See for NetDefend DFL-210:
- User manual (495 pages) ,
- Log reference manual (476 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
3.6. Schedules
3.6. Schedules
In some scenarios, it might be useful to control not only what functionality is enabled, but also when
that functionality is being used.
For instance, the IT policy of an enterprise might stipulate that web traffic from a certain department
is only allowed access outside that department during normal office hours. Another example might
be that authentication using a specific VPN connection is only permitted on weekdays before noon.
NetDefendOS addresses this requirement by providing Schedule objects, or simply schedules, that
can be selected and used with various types of security policies to accomplish time-based control.
This functionality is in no way limited to IP Rules, but is valid for most types of policies, including
Traffic Shaping rules, Intrusion Detection and prevention (IDP) rules and Virtual Routing rules. A
Schedule object is, in other words, a very powerful component that can allow detailed regulation of
when functions in NetDefendOS are enabled or disabled.
A Schedule object gives the possibility to enter multiple time ranges for each day of the week. Fur-
thermore, a start and a stop date can be specified that will impose additional constraints on the
schedule. For instance, a schedule can be defined as Mondays and Tuesdays, 08:30 - 10:40 and
11:30 - 14:00, Fridays 14:30 - 17:00.
Example 3.17. Setting up a Time-Scheduled Policy
This example creates a schedule object for office hours on weekdays, and attaches the object to an IP Rule that
allows HTTP traffic.
CLI
gw-world:/> add ScheduleProfile OfficeHours Mon=8-17 Tue=8-17 Wed=8-17 Thu=8-17
gw-world:/> add IPRule Action=NAT Service=http SourceInterface=lan
Web Interface
1.
Go to Objects > Schedules > Add > Schedule
2.
Enter the following:
•
Name: OfficeHours
3.
Select 08-17, Monday to Friday in the grid.
4.
Click OK.
1.
Go to Rules > IP Rules > Add > IPRule
2.
Enter the following:
•
Name: AllowHTTP
3.
Select the following from the dropdown lists:
Important
As schedules depend on an accurate date and time, it is very important that the system
date and time are set correctly. Preferably, time synchronization has also been en-
abled to ensure that scheduled policies will be enabled and disabled at the right time.
For more information, please see Section 3.8, "Setting Date and Time".
Fri=8-17
SourceNetwork=lannet DestinationInterface=any
DestinationNetwork=all-nets Schedule=OfficeHours
name=AllowHTTP
55
Chapter 3. Fundamentals
Advertisement
Table of Contents
