Definitions; Service Groups Page - McAfee SG310 Administration Manual

Definitions
The UTM Firewall Management Console provides definitions to assist with customizing your security policy.
Definitions are used in packet filter or NAT rules, which allows for granularity in the rules and, as a result,
a more manageable security policy.
Definitions are objects created to define the service group, address, and interface entities:
• Service Group – A definition that consists of a single service or a set of services.
• Address – A definition that defines a single IP address or a range of addresses.
• DNS Hostname – A definition that defines a DNS hostname.
• Address Group – A definition that consists of a set of definitions. Groups can consist of Address, DNS
Hostname, and Address Group definitions.
• Interface Group – A definition that consists of a set of UTM Firewall interfaces.
Before creating packet filter or NAT rules, it is sometimes useful to define services or groups of services,
addresses, and interfaces used to match packets. Definitions need not be created for simple rules that only
specify a single service, address, or interface, as these can be entered while creating the rule. If a rule
specifies groups of services, addresses, or interfaces, then you must create definitions for these groups
before you create the rule.
The Definitions menu contains the following pages:

• Service Groups page
• Addresses page
• Interfaces page

Service Groups page
A service group can be used to group together similar services. For example, you can create a group of
services that you want to allow, and then use a single rule to allow them all at once. A service can belong to
multiple service groups. You can refer to a service group in multiple packet filter rules. If you then modify
the service group, all of the packet filter rules then use the modified service group.
A network service is defined by a protocol and port. The protocol can be TCP, UDP, ICMP, or IP. The port
can be any valid network port number between 1 and 65535. As an example, HTTP (Web) uses the TCP
protocol, with a default port of 80. Network packets may be matched by destination service.
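
The following sketch is an added example, not taken from the manual or from the UTM Firewall itself. It models a service group that two packet filter rules reference, so that editing the group changes both rules, and lists the affected rules before the edit; all class, function, and rule names are hypothetical, and treating the port as required only for TCP and UDP is an assumption.

```python
# Added illustration: a minimal model of service groups and packet filter rules.
# All names here are hypothetical; this is not the UTM Firewall's own API.
from dataclasses import dataclass, field
from typing import Optional

PROTOCOLS = {"TCP", "UDP", "ICMP", "IP"}  # protocols listed in the manual


@dataclass(frozen=True)
class Service:
    protocol: str
    port: Optional[int] = None  # assumption: a port is required only for TCP/UDP

    def __post_init__(self):
        if self.protocol not in PROTOCOLS:
            raise ValueError(f"unknown protocol {self.protocol!r}")
        if self.protocol in ("TCP", "UDP"):
            if self.port is None or not 1 <= self.port <= 65535:
                raise ValueError(f"port must be 1-65535, got {self.port!r}")


@dataclass
class ServiceGroup:
    name: str
    services: set = field(default_factory=set)


@dataclass
class Rule:
    name: str
    action: str          # e.g. "accept" or "drop"
    group: ServiceGroup  # held by reference, so later edits to the group apply here

    def matches(self, protocol, dst_port=None):
        # Packets are matched by destination service.
        return Service(protocol, dst_port) in self.group.services


def rules_using(group, rules):
    """Names of the rules whose behaviour changes if `group` is edited."""
    return [r.name for r in rules if r.group is group]


def demo():
    # Constructed sample data: one group shared by two rules.
    web = ServiceGroup("web", {Service("TCP", 80), Service("TCP", 443)})
    rules = [Rule("lan-to-wan", "accept", web), Rule("dmz-inbound", "accept", web)]
    before = [r.matches("TCP", 22) for r in rules]
    affected = rules_using(web, rules)    # review this list before editing the group
    web.services.add(Service("TCP", 22))  # a single edit to the shared group
    after = [r.matches("TCP", 22) for r in rules]
    return before, affected, after
```

Listing the rules that reference a group before changing it shows how far one edit to a shared definition reaches across the policy.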
The Service Groups page is shown in Figure 156.

McAfee UTM Firewall 4.0.4 Administration Guide, page 152

This manual is also suitable for:

Sg560, Sg560u, Sg565, Sg580