coming from a blacklisted source will be automatically dropped by NetDefendOS. For more
details of how blacklisting functions, see Section 6.8, "Blacklisting Hosts and Networks".
Tip
Any IP address that exists in the NetDefendOS whitelist cannot be blacklisted. For this
reason it is recommended that the IP addresses of the management workstation and of the
NetDefend Firewall itself are added to the whitelist when using IDP.
IDP Can Trigger ZoneDefense
The Protect action includes the option that the particular switch that triggers the IDP Rule can
be de-activated through the D-Link ZoneDefense feature. For more details on how ZoneDefense
functions see Chapter 12, ZoneDefense. Note that this feature is only available for switches
manufactured by D-Link.
Example 6.31. Setting up IDP for a Mail Server
The following example details the steps needed to set up IDP for a simple scenario where a mail
server is exposed to the Internet on the DMZ network with a public IPv4 address. The public
Internet can be reached through the firewall on the WAN interface as illustrated below.
An IDP rule called IDPMailSrvRule will be created, and the Service object to use is the SMTP
service. The Source Interface and Source Network define where traffic is coming from, in this
example the external network. The Destination Interface and Destination Network define where
traffic is directed to, in this case the mail server. The Destination Network should therefore be set
to the object defining the mail server.
Command-Line Interface
Create an IDP Rule:
gw-world:/> add IDPRule
    SourceInterface=wan
    SourceNetwork=wannet
    DestinationInterface=dmz
    DestinationNetwork=ip_mailserver
    Service=smtp
Chapter 6: Security Mechanisms