Configuring The Initial Security Policy; Solstice Firewall-First! Licensing; Installing Solstice Firewall-First! On A New Network Interface - Sun Microsystems Netra User Manual

16
Configuring the Initial Security Policy

Solstice FireWall-First! Licensing

Installing Solstice FireWall-First! on a New Network Interface

16-2
Note – Refer to the Solstice FireWall-First! online documentation when
deciding on thesecurity policy for your site.
Your network is not secure until a security policy is installed. You can choose
to install the default security policy or you can specify your own. The default
security policy is:
•
Telnet: Disallow incoming connections; allow and log outgoing connections.
•
Ftp: Disallow incoming and outgoing connections.
•
Mail: Allow and log incoming connections; allow outgoing connections.
•
Web: Disallow incoming connections; allow and log outgoing connections.
•
Internet Phone: Disallow incoming or outgoing connections.
•
Any Other: Disallow incoming or outgoing connections.
Note – For Netra systems that do not have a monitor, remote administration is
allowed as part of the default security policy.
The Solstice FireWall-First! software comes with a pre-installed basic license.
The basic license allows you to have five concurrent internal Internet users and
six different services in your security policy. Upgrade licenses can be
purchased separately from your authorized Solstice FireWall-First! reseller.
The full version of the Solstice FireWall-1™ Light Security Center is also
installed on your system. To unlock this version, you must purchase the
appropriate license from your reseller.
Every time a new networking interface is installed and you want the firewall
software to monitor that interface, you must restart the Netra server. (See
Chapter 19 for instructions on restarting the server.)
Netra Internet Server 3.1 User's Manual—September 1996