Table of Contents
Advertisement
ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
–
Groups. The rule is applied to a group of PCs. (You can configure groups for LAN WAN
outbound rules but not for DMZ WAN outbound rules.) The Known PCs and Devices
table is an automatically-maintained list of all known PCs and network devices and is
generally referred to as the Network Database, which is described in
Network Database" on page
Database by various methods that are described in
Groups)" on page
•
WAN Users. You can specify which Internet locations are covered by an inbound rule, based
on their IP address:
–
Any. The rule applies to all Internet IP address.
–
Single address. The rule applies to a single Internet IP address.
–
Address range. The rule is applied to a range of Internet IP addresses.
•
Schedule. You can configure three different schedules to specify when a rule is applied. Once
a schedule is configured, it affects all rules that use this schedule. You specify the days of the
week and time of day for each schedule. For more information, see
Block or Allow Specific Traffic" on page
•
QoS Profile. You can define QoS profiles and then apply them to inbound rules to regulate the
priority of traffic. To define QoS profiles, see
page
5-33.
•
Bandwidth Profile. You can define bandwidth profiles and then apply them to inbound rules
to limit traffic. To define bandwidth profiles, see
Port Triggering
Port triggering allows some applications running on a LAN network to be available to external
applications that would otherwise be partially blocked by the firewall. Using this the port
triggering feature requires that you know the port numbers used by the application. Without port
triggering, the response from the external application would be treated as a new connection request
rather than a response to a requests from the LAN network. As such, it would be handled in
accordance with the inbound port forwarding rules, and most likely would be blocked.
For the procedure on how to configure port triggering, see
page
5-44.
Configuring the DMZ Port
The De-Militarized Zone (DMZ) is a network that, by default, has fewer firewall restrictions when
compared to the LAN. The DMZ can be used to host servers (such as a Web server, FTP server, or
e-mail server) and provide public access to them. The fourth LAN port on the UTM (the rightmost
Network and System Management
4-13. PCs and network devices are entered into the Network
4-12.
5-39.
v1.0, September 2009
"Managing Groups and Hosts (LAN
"Setting a Schedule to
"Creating Quality of Service (QoS) Profiles" on
"Creating Bandwidth Profiles" on page
"Configuring Port Triggering" on
"Managing the
5-36.
10-7
Advertisement
Table of Contents
Troubleshooting
