User Manuals: Silicon Graphics Gauntlet Configuration

Manuals and User Guides for Silicon Graphics Gauntlet Configuration. We have 1 Silicon Graphics Gauntlet Configuration manual available for free PDF download: Administrator's Manual

Silicon Graphics Gauntlet Administrator's Manual (306 pages)

for IRIX

Brand: Silicon Graphics | Category: Firewall | Size: 3 MB

Table of Contents
3
List of Figures

17
About this Guide

19
- Audience
  19
- About this Guide
  20
- Conventions Used in this Guide
  22
- Installation and System Requirements
  23
- Additional Resources
  23
  - Books
    23
  - Newsgroups
    23
  - Mailing Lists
    23
  - Frequently Asked Questions Lists
    24
  - White Papers
    24
- How to Get Latest Security Patches
  25
Understanding the Gauntlet Internet Firewall

27
1 Understanding the Gauntlet Firewall

29
- Understanding Gauntlet Firewall Concepts
  29
  - Design Philosophy
    29
  - Security Perimeter
    30
  - Trusted and Untrusted Networks
    30
  - Policy
    32
  - Transparency
    32
- Understanding Gauntlet Firewall Components
  33
  - Hardware and Software
    33
- How a Firewall Works
  36
Conﬁguring and Using Proxies

43
2 Managing SMTP Services

45
- Understanding the Proxy
  45
- How It Works
  46
- Configuring the Firewall for SMTP
  46
  - Planning
    47
  - Configuring the Firewall
    47
  - Configuring Network Services
    48
  - Configuring the Proxy Rules
    48
  - Advertising the Firewall as a Mail Exchanger
    48
  - Configuring Your Internal Mail Hub
    48
  - Verifying Your Setup
    49
- Using Mail
  49
3 Managing POP3 Services

51
- Understanding the Proxy
  51
- How the POP3 Proxy Works
  52
- Configuring the Firewall for POP3
  52
- Using POP3 to Exchange Mail
  54
4 Managing Terminal Services

57
5 Managing FTP Services

65
- Understanding the FTP Proxy
  65
- How the FTP Proxy Works
  66
- Configuring the Firewall for FTP Services
  67
  - Planning
    67
  - Configuring Network Services
    67
  - Configuring the Proxy Rules
    67
  - Creating Authentication User Entries
    67
  - Verifying Your Setup
    68
- Using FTP Services
  68
  - Using Authentication
    68
  - Using Authentication with some GUI FTP Tools
    69
- Running an Anonymous FTP Server
  70
6 Managing Rsh Services

73
- Understanding the Rsh Proxy
  73
- How It Works
  74
- Configuring the Firewall for Rsh Services
  74
  - Planning
    74
  - Configuring Network Services
    74
  - Configuring the Proxy Rules
    75
  - Verifying Your Setup
    75
- Using Rsh Services
  75
  - Configuring the Remote Machine
    75
7 Managing Gopher and WWW Services

77
- Understanding the Proxy
  77
- How It Works
  78
  - Authenticated HTTP
    79
  - Gopher and FTP Services
    80
  - SHTTP and SSL Services
    80
- Configuring the Firewall for WWW and Gopher Services
  80
  - Planning
    80
  - Configuring Network Services
    81
  - Configuring the Proxy Rules
    81
  - Creating User Authentication Entries
    81
  - Verifying Your Setup
    81
- Using Web Services
  81
  - Using Proxy-Aware Browsers
    82
  - Using Non-Proxy-Aware Browsers
    84
- Using Gopher Services
  85
- Running a WWW Server
  86
- 8 Managing Realaudio Services
  
  87
  - Understanding the Realaudio Proxy
    87
  - How It Works
    88
  - Configuring the Firewall to Use the Realaudio Proxy
    88
    
    Planning
    89
    
    Configuring Network Services
    89
    
    Configuring the Proxy Rules
    89
    
    Verifying Your Setup
    89
  - Using the Realaudio Proxy
    89
    
    To Configure the Realaudio Player
    90
- 9 Managing Mediabase Services
  
  91
  - Understanding the Mediabase Proxy
    91
  - How It Works
    92
  - Configuring the Firewall to Use the Mediabase Proxy
    92
    
    Planning
    92
    
    Configuring Network Services
    93
    
    Configuring the Proxy Rules
    93
    
    Verifying Your Setup
    93
  - Using the Mediabase Proxy
    93
10 Managing X Window Services

95
- Understanding the X11 Proxy
  95
- How the X11 Proxy Works
  96
- Configuring the Firewall for X11 Services
  97
  - Planning
    97
  - Configuring Network Services
    97
  - Configuring the Proxy Rules
    97
  - Verifying Your Setup
    97
  - Using X11 Services
    98
  - Figure 10-1 Example X Window Port Information
    99
11 Managing LP Services

101
- Understanding the Lp Proxy
  101
- How the Lp Proxy Works
  102
- Configuring the Firewall for Lp Services
  102
  - Planning
    102
  - Configuring Network Services
    103
  - Configuring the Proxy Rules
    103
  - Configuring the Sending Machine
    103
  - Configuring the Receiving Machine
    103
  - Verifying Your Setup
    104
- Using Lp Services
  104
12 Managing Sybase Services

105
- Understanding the Sybase Proxy
  105
- How It Works
  106
- Configuring the Firewall for Sybase Services
  107
  - Planning
    107
  - Configuring Network Services
    107
  - Configuring the Proxy Rules
    107
  - Configuring Sybase Clients
    108
  - Verifying Your Setup
    108
- Administering General Gauntlet Firewall Services
  
  109
13 Managing NNTP and General TCP Services

111
- Understanding the Proxy
  112
- How It Works
  113
  - Configuring the Firewall for NNTP
    113
    
    Planning
    113
    
    Configuring the Firewall
    114
    
    Configuring Network Services
    114
    
    Configuring the Proxy Rules
    114
    
    Informing Your News Feed
    114
    
    Configuring Your News Server
    114
    
    Verifying Your Setup
    115
  - Using NNTP
    115
  - Configuring the Firewall for Other Protocols
    115
    
    Planning
    115
    
    Configuring Network Services
    116
    
    Configuring the Proxy Rules
    116
    
    Configuring Your Service
    117
    
    Verifying Your Setup
    117
  - Configuring Multiple Newsfeeds
    117
  - Configuring Your NNTP Proxy for Reading News
    118
14 Managing General TCP Services with Authentication

119
- Understanding the Circuit Proxy
  119
- How It Works
  120
- Configuring the Firewall for Authenticated TCP Services
  121
  - Planning
    121
  - Configuring Network Services
    122
  - Configuring the Proxy Rules
    123
  - Verifying Your Setup
    124
  - Using the Circuit Proxy
    124
15 Managing Information Services on the Firewall

127
- Understanding the Info Server
  127
- How It Works
  128
  - HTTP and Gopher Server
    128
  - FTP Server
    128
  - How the Database Works
    129
- Configuring the Firewall
  131
  - Planning
    132
  - Configuring Network Services
    132
  - Configuring the Proxy Rules
    132
  - Verifying Your Setup
    132
- Using the Info Server
  132
  - Planning
    133
  - Creating Files
    133
  - Placing Files on the Firewall
    133
  - Adding Files to the Database
    133
  - Creating FTP List Files
    135
  - Creating Gopher Menu Files
    135
  - Advertising Your Server
    136
16 Using the Network Access Control Daemon

137
- Understanding the Network Access Control Daemon
  137
- How It Works
  138
- Configuring the Network Access Control Daemon
  138
  - Planning
    139
  - Configuring Network Services
    139
  - Configuring the Proxy Rules
    139
  - Configuring Your Service
    139
  - Verifying Your Setup
    139
17 The Graphical Management Interface

141
- Figure 17-15 Sendmail Configuration Form
  141
- Figure 17-17 Swipe Configuration Form
  141
- Figure 17-8 Routing Configuration Form
  141
- First Time User Tips
  142
  - Help Links
    142
  - Hide and Unhide Buttons
    142
  - Figure 17-1 Hide Button
    142
  - Gauntlet Default Settings
    143
  - When to Use Configure All
    143
- Using the Gauntlet Management Interface
  143
  - Figure 17-2 Unhide Button
    143
  - Configuring Gauntlet Locally
    144
- Introductory Management Form
  144
- Figure 17-3 Gauntlet Introductory Management Form (1 of 3)
  146
- Figure 17-4 Gauntlet Introductory Management Form (2 of 3)
  147
- Figure 17-5 Gauntlet Introductory Management Form (3 of 3)
  148
- Networks and Interfaces Configuration Form
  149
- Networks and Interfaces Conﬁguration Form
  149
  - Trusted Networks
    152
  - Trusted Interfaces
    152
  - Untrusted Networks
    153
  - Trusted Ports
    153
- Routing Configuration Form
  154
  - Additional Routing Information
    156
- Proxy Servers Configuration Form
  157
  - Remote (Network) Connections
    157
- Proxy Servers Conﬁguration Form
  157
  - Enabling Transparent Proxies
    158
  - Enabling Individual Proxy Services
    158
- Domain Name Service (DNS) and Gauntlet
  165
- DNS Conﬁguration Form
  166
  - Configuring a Split DNS Server
    168
- DNS Configuration Form
  166
  - Configuring Fully Populated DNS Server
    166
- Sendmail on Gauntlet Servers
  172
  - Mail Hubs
    172
  - Mail Relays
    173
  - Gauntlet and Subdomains
    173
  - Sendmail Configuration Form
    174
- Swipe Configuration Form
  178
  - Authentication and Encryption Schemes
    179
  - Figure 17-16 Gauntlet Hosts Using Swipe in a VPN
    179
  - VPN Paths
    180
  - Preparing a Server for Swipe Configuration
    180
  - Configuring a Server for Swipe
    182
  - Figure 17-18 Add Swipe Key Form
    183
  - Figure 17-19 Add Swipe Path Form
    184
  - Verifying Your Setup
    185
- Logﬁles and Reports Conﬁguration Form
  185
- Logfiles and Reports Configuration Form
  185
- Authorizing Users Form
  189
- Configuring Gauntlet for Remote Administration
  194
  - Accessing the Administration Tool from a Browser
    196
  - Accessing the Administration Tool from an X Display
    196
- Configuring Gauntlet for Secure Remote Administration
  196
18 Managing User Authentication

199
- Understanding the User Authentication Management System
  199
  - How the Firewall Uses this Information
    200
  - How Other Services Use this Information
    200
  - The Pieces
    201
- Understanding Strong Authentication
  202
  - Access Key II
    202
  - Apop
    202
  - Securid
    203
  - Enigmalogic Safeword
    203
  - S/Key
    203
  - Reusable Passwords
    203
- Configuring the User Authentication Management System
  204
- Managing Groups
  206
  - Creating Groups
    207
  - Disabling Groups
    207
  - Deleting Groups
    207
- Managing Users
  207
  - Creating Users
    207
  - Creating Users with Access Key II
    209
  - Changing User Names
    210
  - Changing Groups
    210
  - Changing Protocols
    211
  - Changing Passwords
    211
  - Enabling Users
    212
  - Disabling Users
    212
  - Deleting Users
    213
19 Using the Login Shell

215
- Understanding the Login Shell Program
  215
- How It Works
  215
- Configuring the Firewall to Use the Login Shell Program
  216
  - Planning
    216
  - Enabling Remote Login
    216
  - Adding Support for the Login Shell
    216
  - Creating User Accounts
    217
  - Configuring the Proxy Rules
    217
  - Configuring the Shell
    217
  - Creating User Authentication Records
    218
  - Securing Other Applications
    218
  - Verifying Your Setup
    219
  - Using the Login Shell Program
    219
    
    Accessing the Firewall from Trusted Networks
    219
    
    Accessing the Firewall from Untrusted Networks
    219
    
    Changing Password for User Account
    220
20 Logging and Reporting

221
- Understanding Logging and Reporting
  221
- Creating Logs
  222
- Configuring Logs
  223
  - Configuring Additional Logging
    223
  - Configuring Log Retention Time
    223
  - Creating Reports
    223
    
    Service Summary Reports
    224
    
    Exception Reports
    224
  - Configuring Reports
    225
    
    Configuring Events to Ignore
    225
    
    Configuring the Firewall
    225
  - Reading Logs and Reports
    226
    
    Logs
    226
    
    Service Summary Reports
    227
    
    Exception Reports
    227
21 Backups and System Integrity

229
- Backing up Your Firewall
  229
  - Backup Considerations
    229
  - Restoring the Firewall
    230
- Verifying System Integrity
  230
  - Understanding System Integrity
    230
  - Configuring the Files to Ignore
    230
  - Protecting the Integrity Database
    231
  - Verifying System Integrity
    231
  - Understanding the Results
    231
Appendixes

233
Gauntlet System Files

235
- Viewing the Gauntlet File List
  235
Netperm Table

241
- Policy Rules
  241
- Application-Specific Rules
  242
  - Proxies
    242
  - Applications
    243
- Using this Information
  243
- Modifying the Netperm Table File
  244
- Netperm Table Syntax
  244
  - Precedence
    244
  - Format
    245
  - Keywords
    246
  - Attributes
    247
- Creating New Policies
  247
- Adding Proxy Services
  249
- Denying Services by Network or Host
  249
  - Denying Access from a Host or Network
    249
- Controlling Services by User, Group or Time
  250
  - User or Group
    251
- Operation
  251
  - Denying Access to a Host or Network
    252
- Attribute Reference
  253
Virtual Private Networks

295
- Understanding Virtual Private Networks
  295
- How It Works
  299
  - Encrypting the Data
    299
  - Decrypting the Data
    299
  - Routing the Packet
    300
Conﬁguring SSL on the Gauntlet Firewall

301
- Getting Ready for SSL Configuration
  301
- SSL Configuration Procedure
  302

Silicon Graphics Categories

Server

Desktop

Storage

Monitor Network Hardware

More Silicon Graphics Manuals

User Manuals: Silicon Graphics Gauntlet Configuration

Silicon Graphics Gauntlet Administrator's Manual (306 pages)

Table of Contents

List of Figures

About this Guide

Understanding the Gauntlet Internet Firewall

1 Understanding the Gauntlet Firewall

Conﬁguring and Using Proxies

2 Managing SMTP Services

3 Managing POP3 Services

4 Managing Terminal Services

5 Managing FTP Services

6 Managing Rsh Services

7 Managing Gopher and WWW Services

8 Managing Realaudio Services

9 Managing Mediabase Services

10 Managing X Window Services

11 Managing LP Services

12 Managing Sybase Services

Administering General Gauntlet Firewall Services

13 Managing NNTP and General TCP Services

14 Managing General TCP Services with Authentication

15 Managing Information Services on the Firewall

16 Using the Network Access Control Daemon

17 The Graphical Management Interface

18 Managing User Authentication

19 Using the Login Shell

20 Logging and Reporting

21 Backups and System Integrity

Appendixes

Gauntlet System Files

Netperm Table

Virtual Private Networks

Conﬁguring SSL on the Gauntlet Firewall

Related Products

Silicon Graphics Categories