|
|
|
|
|
The firewall security level can be controlled using a simple lever available on the Firewall page. You can set the lever to the following states.
Firewall Security Levels
This level… |
Does this… |
Further Details |
|---|---|---|
Low |
Enforces basic control on incoming connections, while permitting all outgoing connections. |
All inbound traffic is blocked to the external Safe@Office appliance IP address, except for ICMP echoes ("pings"). All outbound connections are allowed. |
Medium |
Enforces strict control on all incoming connections, while permitting safe outgoing connections. This is the default level and is recommended for most cases. Leave it unchanged unless you have a specific need for a higher or lower security level. |
All inbound traffic is blocked. All outbound traffic is allowed to the Internet except for Windows file sharing (NBT ports 137, 138, 139 and 445). |
High |
Enforces strict control on all incoming and outgoing connections. |
All inbound traffic is blocked. Restricts all outbound traffic except for the following: Web traffic (HTTP, HTTPS), email (IMAP, POP3, SMTP), ftp, newsgroups, Telnet, DNS, IPSEC IKE and VPN traffic. |
Block All |
Blocks all access between networks. |
All inbound and outbound traffic is blocked between the internal networks. This does not affect traffic to and from the gateway itself. |
The definitions of firewall security levels provided in this table represent the Safe@Office appliance’s default security policy.
You can easily override the default security policy, by creating user-defined firewall rules. For further information, see Using Rules.
|
Note: If the security policy is remotely managed, this lever might be disabled. |
|
Note: Security updates downloaded from a Service Center may alter the security policy and change these definitions. |
To change the firewall security level
The Firewall page appears.
The Safe@Office appliance security level changes accordingly.
