eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
(Difference between revisions)
| Revision as of 08:23, 29 April 2021 TechContent (Talk | contribs) ← Previous diff |
Current revision TechContent (Talk | contribs) |
||
| Line 9: | Line 9: | ||
| |style="text-align:right;"| '''·''' [[Technical Info|<font size=1.5 color="blue">Technical Info</font>]] '''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security Awareness</font>]] '''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]] | |style="text-align:right;"| '''·''' [[Technical Info|<font size=1.5 color="blue">Technical Info</font>]] '''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security Awareness</font>]] '''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]] | ||
| |} | |} | ||
| - | <h4 style='margin:0in'><a name="_Toc47530324"></a><a name="_Toc47530505"><span | + | <h2 style='color:#556B2F;font-size:24.0pt;font-family:"Open Sans"'>Firewall</h2> |
| - | class=Heading4Char><span lang=EN-IN>Firewall</span></span></a></h4> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>Firewall module | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>Firewall module is designed to monitor all incoming and outgoing network traffic and protect your computer from all types of network based attacks. eScan includes a set of predefined access control rules that you can remove or customize as per your requirements. These rules enforce a boundary between your computer and the network. Therefore, the Firewall feature first checks the rules, analyzes network packets, and filters them on the basis of the specified rules. When you connect to the Internet, you expose your computer to various security threats.<br><br> |
| - | is designed to monitor all incoming and outgoing network traffic and protect | + | The Firewall feature of eScan protects your data when you:</p> |
| - | your computer from all types of network based attacks. eScan includes a set of | + | <ul> |
| - | predefined access control rules that you can remove or customize as per your | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Connect to Internet Relay Chat (IRC) servers and join other people on the numerous channels on the IRC network.</li> |
| - | requirements. These rules enforce a boundary between your computer and the | + | <li style='font-size:11.0pt;font-family:"Open Sans"'> Use Telnet to connect to a server on the Internet and then execute the commands on the server.</li> |
| - | network. Therefore, the Firewall feature first checks the rules, analyzes | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Use FTP to transfer files from a remote server to your computer. </li> |
| - | network packets, and filters them on the basis of the specified rules. When you | + | <li style='font-size:11.0pt;font-family:"Open Sans"'> Use Network Basic Input Output System (NetBIOS) to communicate with other users on the LAN connected to the Internet. </li> |
| - | connect to the Internet, you expose your computer to various security threats.</p> | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Use a computer that is a part of a Virtual Private Network (VPN). </li> |
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Use a computer to browse the Internet. </li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Use a computer to send or receive email. </li> | ||
| + | </ul> | ||
| + | <br> | ||
| + | <p style='font-size:11.0pt;font-family:"Open Sans"'>By default, the firewall operates in the <b>Allow All</b> mode. However, you can customize the firewall by using options like <b>Limited Filter</b> for filtering only incoming traffic and <b>Interactive Filter </b>to monitor incoming and outgoing traffic. The eScan Firewall also lets you specify different set of rules for allowing or blocking incoming or outgoing traffic. These rules include Zone Rules, Expert Rules, Trusted Media Access Control (MAC) Address, and Local IP list. This page provides you with options for configuring the module. You can configure the following settings to be deployed to the eScan client systems.<br><br> | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | <b>Allow All</b>– Clicking <b>Allow All</b> disables the eScan Firewall i.e. all the incoming and outgoing network traffic will not be monitored/filtered.<br> |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><img | + | <b>Limited Filter</b>– Clicking <b>Limited Filter</b> enables eScan Firewall in limited mode which will monitor all incoming traffic only and will be allowed or blocked as per the conditions or rules defined in the Firewall.<br> |
| - | border=0 width=578 height=350 id="Picture 107" | + | <b>Interactive</b>- Clicking <b>Interactive </b>enables eScan Firewall to monitor all the incoming and outgoing network traffic and will be allowed or blocked as per the conditions or rules defined in the Firewall.</p> |
| - | src="eScan_Corporate360_UserGuide_revised_files/image171.jpg"></p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>The Firewall | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>Following tabs are available:</p> |
| - | feature of eScan protects your data when you:</p> | + | <ul> |
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Zone Rule</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Expert Rule</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Trusted MAC Address</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Local IP List </li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Application Rule</li> | ||
| + | </ul> | ||
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <h3 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Zone Rule</h3> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Connect to Internet Relay Chat (IRC) servers and join other | + | |
| - | people on the numerous channels on the IRC network.</p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>This is a set of network access rules to make the decision of allowing/blocking of the access to the system. This will contain the source IP address or source Host name or IP range either to be allowed or blocked. <br> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | Buttons (to configure a zone rule)<br><br> |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use Telnet to connect to a server on the Internet and then | + | |
| - | execute the commands on the server.</p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <b>Add Host Name </b>– This option lets you add a "host" in the zone rule. After clicking <b>Add Host Name</b>, enter the HOST name of the system, select the zone Trusted/Blocked) and enter a name for the zone rule. Click <b>OK</b> to create the zone rule.<br><br> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use FTP to transfer files from a remote server to your computer. </p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <b>Add IP </b>– This option lets you add an IP address of a system to be added in the zone rule. After clicking <b>Add IP</b>, enter the IP address of the system, select the zone (Trusted/Blocked) and enter a name for the zone rule. Click <b>OK</b> to create the Zone Rule.<br><br> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use Network Basic Input Output System (NetBIOS) to communicate | + | |
| - | with other users on the LAN connected to the Internet. </p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <b>Add IP Range </b>– This option lets you add an IP range to be added in the zone rule. After clicking <b>Add IP Range</b>, add the IP Range (i.e. a range of IP that the zone rules should be applied), select the zone (Trusted/Blocked) and enter a name for the zone rule. Click <b>OK</b> to create the zone rule.<br><br> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use a computer that is a part of a Virtual Private Network (VPN). | + | |
| - | </p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <b>Modify –</b> To modify/change any listed zone rule (s), select the zone rule to be modified |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | and then click <b>Modify</b>.<br><br> |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use a computer to browse the Internet. </p> | + | |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <b>Remove -</b> To remove any listed zone rule (s), select the zone rule and then click <b>Remove</b>.</p> |
| - | margin-left:.75in;text-indent:-.25in;line-height:110%'><span style='font-family: | + | |
| - | "Arial",sans-serif'>•<span style='font:7.0pt "Times New Roman"'> | + | |
| - | </span></span>Use a computer to send or receive email. </p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <h3 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Expert Rule</h3> |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>By default, the | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>This tab lets you specify advanced rules and settings for the eScan firewall. You can configure expert rules on the basis of the various rules, protocols, source IP address and port, destination IP address and port, and ICMP types. You can create new expert rules. However, configure these rules only if you are familiar with firewalls and networking protocols.</p> |
| - | firewall operates in the <b>Allow All</b> mode. However, you can customize the | + | <ul> |
| - | firewall by using options like <b>Limited Filter</b> for filtering only | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Source IP Address/Host Name</li> |
| - | incoming traffic and <b>Interactive Filter </b>to monitor incoming and outgoing | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Source Port Number</li> |
| - | traffic. The eScan Firewall also lets you specify different set of rules for | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Destination IP Address/Host Name</li> |
| - | allowing or blocking incoming or outgoing traffic. These rules include Zone | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Destination Port Number</li> |
| - | Rules, Expert Rules, Trusted Media Access Control (MAC) Address, and Local IP | + | </ul> |
| - | list. This page provides you with options for configuring the module. You can | + | |
| - | configure the following settings to be deployed to the eScan client systems.</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Allow All</b><b> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'><b>Buttons (to configure an Expert Rule)</b></p> |
| - | </b>– Clicking <b>Allow All</b> disables the eScan Firewall i.e. all the | + | |
| - | incoming and outgoing network traffic will not be monitored/filtered.</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'><b>Add</b> – Click <b>Add</b> to create a new Expert Rule. Add Firewall Rule Window appears, you can configure the following settings via following tabs: </p> |
| + | <ul> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'> General</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'> Source </li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'> Destination </li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'> Advanced </li> | ||
| + | </ul> | ||
| + | <p style='font-size:11.0pt;font-family:"Open Sans"'>Let's see them in detail.</p> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Limited Filter</b><b> | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>General tab</b></p> |
| - | </b>– Clicking <b>Limited Filter</b> enables eScan Firewall in limited mode | + | |
| - | which will monitor all incoming traffic only and will be allowed or blocked as | + | |
| - | per the conditions or rules defined in the Firewall.</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>In this section, specify the Rule settings:<br> |
| + | <b>Rule Name –</b> Provide a name to the Rule.<br> | ||
| + | <b>Rule Action –</b> Action to be taken, whether to Permit Packet or Deny Packet.<br> | ||
| + | <b>Protocol –</b>Select the network protocol (e.g. TCP, UDP, ARP) on which the Rule will be | ||
| + | applied.<br> | ||
| + | <b>Apply rule on Interface –</b> Select the Network Interface on which the Rule will be applied.</p> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Interactive</b><b> | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Source tab</b></p> |
| - | </b>- Clicking <b>Interactive </b>enables eScan Firewall to monitor all the | + | |
| - | incoming and outgoing network traffic and will be allowed or blocked as per the | + | |
| - | conditions or rules defined in the Firewall.</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>In this section, specify/select the location from where the outgoing network traffic originates.<br> |
| - | + | <b>My Computer –</b>The rule will be applied for the outgoing traffic originating from your | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>Following tabs | + | computer.<br> |
| - | are available:</p> | + | <b>Host Name –</b>The rule will be applied for the outgoing traffic originating from the computer |
| - | + | as per the host name specified.<br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Zone Rule</b></p> | + | <b>Single IP Address –</b> The rule will be applied for the outgoing traffic originating from the computer as per the IP address specified.<br> |
| - | + | <b>Whole IP Range </b> To enable the rule on a group of computers in series, you can specify a range of IP address. The rule will be applied for the outgoing traffic from the computer(s) which is within the defined IP range.<br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Expert Rule</b></p> | + | <b>Any IP Address </b> When this option is selected, the rule will be applied for the traffic originating from ANY IP address.<br> |
| - | + | <b>Any –</b> When this option is selected, the rule gets applied for outgoing traffic originating from any port.<br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Trusted MAC | + | <b>Single Port –</b> When this option is selected, the rule gets applied for the outgoing traffic |
| - | Address</b></p> | + | originating from the specified/defined port.<br> |
| - | + | <b>Port Range –</b> To enable the rule on a group of ports in series, you can specify a range of ports. The rule will be applied for the outgoing traffic originating from the port which is within the defined range of ports.<br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Local IP List </b></p> | + | <b>Port List –</b> A list of port can be specified. The rule will be applied for the outgoing traffic originating from the ports as per specified in the list.</p> |
| - | + | <br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Application | + | <table class="MsoNormalTable" style="background: #DBE5F1; border-collapse: collapse; border: none;" border="1" cellspacing="0" cellpadding="0"> |
| - | Rule</b></p> | + | <tr> |
| - | + | <td style="width: 36.9pt; border: solid windowtext 1.0pt; padding: 0in 5.4pt 0in 5.4pt;" width="49"> | |
| - | <h5>Zone Rule</h5> | + | <p style="font-size: 11.0pt; font-family: 'Open Sans';"><strong>NOTE</strong></p> |
| - | + | </td> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>This is a set of | + | <td style="width: 425.2pt; border: solid windowtext 1.0pt; border-left: none; padding: 0in 5.4pt 0in 5.4pt;" valign="top" width="567"> |
| - | network access rules to make the decision of allowing/blocking of the access to | + | <p style="font-size: 11.0pt; font-family: 'Open Sans';">The rule will be applied when the selected Source IP Address and Source Port matches together.</p> |
| - | the system. This will contain the source IP address or source Host name or IP | + | </td> |
| - | range either to be allowed or blocked. </p> | + | </tr> |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>Buttons (to | + | |
| - | configure a zone rule)</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Add Host Name </b>– | + | |
| - | This option lets you add a "host" in the zone rule. After clicking <b>Add | + | |
| - | Host Name</b>, enter the HOST name of the system, select the zone | + | |
| - | (Trusted/Blocked) and enter a name for the zone rule. Click <b>OK</b> to create | + | |
| - | the zone rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Add IP </b>– | + | |
| - | This option lets you add an IP address of a system to be added in the zone | + | |
| - | rule. After clicking <b>Add IP</b>, enter the IP address of the system, select | + | |
| - | the zone (Trusted/Blocked) and enter a name for the zone rule. Click <b>OK</b> | + | |
| - | to create the Zone Rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Add IP Range </b>– | + | |
| - | This option lets you add an IP range to be added in the zone rule. After | + | |
| - | clicking <b>Add IP Range</b>, add the IP Range (i.e. a range of IP that the | + | |
| - | zone rules should be applied), select the zone (Trusted/Blocked) and enter a | + | |
| - | name for the zone rule. Click <b>OK</b> to create the zone rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Modify –</b> | + | |
| - | To modify/change any listed zone rule (s), select the zone rule to be modified | + | |
| - | and then click <b>Modify</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Remove -</b> | + | |
| - | To remove any listed zone rule (s), select the zone rule and then click <b>Remove</b>.</p> | + | |
| - | + | ||
| - | <h5>Expert Rule</h5> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>This tab lets you | + | |
| - | specify advanced rules and settings for the eScan firewall. You can configure | + | |
| - | expert rules on the basis of the various rules, protocols, source IP address | + | |
| - | and port, destination IP address and port, and ICMP types. You can create new | + | |
| - | expert rules. However, configure these rules only if you are familiar with | + | |
| - | firewalls and networking protocols.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | |
| - | margin-left:.5in;text-indent:-.25in;line-height:110%'><span style='font-size: | + | |
| - | 14.0pt;line-height:110%;font-family:"Arial",sans-serif'>•<span | + | |
| - | style='font:7.0pt "Times New Roman"'> </span></span>Source | + | |
| - | IP Address/Host Name</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | |
| - | margin-left:.5in;text-indent:-.25in;line-height:110%'><span style='font-size: | + | |
| - | 14.0pt;line-height:110%;font-family:"Arial",sans-serif'>•<span | + | |
| - | style='font:7.0pt "Times New Roman"'> </span></span>Source | + | |
| - | Port Number</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | |
| - | margin-left:.5in;text-indent:-.25in;line-height:110%'><span style='font-size: | + | |
| - | 14.0pt;line-height:110%;font-family:"Arial",sans-serif'>•<span | + | |
| - | style='font:7.0pt "Times New Roman"'> </span></span>Destination | + | |
| - | IP Address/Host Name</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | |
| - | margin-left:.5in;text-indent:-.25in;line-height:110%'><span style='font-size: | + | |
| - | 14.0pt;line-height:110%;font-family:"Arial",sans-serif'>•<span | + | |
| - | style='font:7.0pt "Times New Roman"'> </span></span>Destination | + | |
| - | Port Number</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Buttons (to | + | |
| - | configure an Expert Rule)</b></p> | + | |
| - | + | ||
| - | <ol style='margin-top:0in' start=1 type=1> | + | |
| - | <li class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top: | + | |
| - | 0in;line-height:110%'><b>Add</b> – Click <b>Add</b> to create a new Expert | + | |
| - | Rule. In the Add Firewall Rule Window: </li> | + | |
| - | </ol> | + | |
| - | + | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><img | + | |
| - | border=0 width=415 height=440 id="Picture 108" | + | |
| - | src="eScan_Corporate360_UserGuide_revised_files/image172.jpg"></p> | + | |
| - | + | ||
| - | <span style='font-size:11.0pt;line-height:110%;font-family:"Open Sans",sans-serif'><br | + | |
| - | clear=all style='page-break-before:always'> | + | |
| - | </span> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-top:12.0pt;margin-right:0in;margin-bottom: | + | |
| - | 0in;margin-left:0in;line-height:110%'><b>General tab</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>In this section, | + | |
| - | specify the Rule settings:</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Rule Name –</b> | + | |
| - | Provide a name to the Rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Rule Action –</b> | + | |
| - | Action to be taken, whether to Permit Packet or Deny Packet.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Protocol –</b> | + | |
| - | Select the network protocol (e.g. TCP, UDP, ARP) on which the Rule will be | + | |
| - | applied.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Apply rule on | + | |
| - | Interface –</b> Select the Network Interface on which the Rule will be applied.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Source tab</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>In this section, | + | |
| - | specify/select the location from where the outgoing network traffic originates.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>My Computer –</b> | + | |
| - | The rule will be applied for the outgoing traffic originating from your | + | |
| - | computer.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Host Name –</b> | + | |
| - | The rule will be applied for the outgoing traffic originating from the computer | + | |
| - | as per the host name specified.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Single IP | + | |
| - | Address –</b> The rule will be applied for the outgoing traffic originating | + | |
| - | from the computer as per the IP address specified.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Whole IP Range | + | |
| - | –</b> To enable the rule on a group of computers in series, you can specify a | + | |
| - | range of IP address. The rule will be applied for the outgoing traffic from the | + | |
| - | computer(s) which is within the defined IP range.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Any IP Address | + | |
| - | –</b> When this option is selected, the rule will be applied for the traffic | + | |
| - | originating from ANY IP address.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Any –</b> When | + | |
| - | this option is selected, the rule gets applied for outgoing traffic originating | + | |
| - | from any port.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Single Port –</b> | + | |
| - | When this option is selected, the rule gets applied for the outgoing traffic | + | |
| - | originating from the specified/defined port.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Port Range –</b> | + | |
| - | To enable the rule on a group of ports in series, you can specify a range of | + | |
| - | ports. The rule will be applied for the outgoing traffic originating from the | + | |
| - | port which is within the defined range of ports.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Port List –</b> | + | |
| - | A list of port can be specified. The rule will be applied for the outgoing | + | |
| - | traffic originating from the ports as per specified in the list.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0 | + | |
| - | style='background:#DBE5F1;border-collapse:collapse;border:none'> | + | |
| - | <tr> | + | |
| - | <td width=49 style='width:36.9pt;border:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt'> | + | |
| - | <p class=MsoNormal align=center style='margin-bottom:0in;text-align:center; | + | |
| - | line-height:110%'><b><span style='line-height:110%;color:black'>NOTE</span></b></p> | + | |
| - | </td> | + | |
| - | <td width=567 valign=top style='width:425.35pt;border:solid windowtext 1.0pt; | + | |
| - | border-left:none;padding:0in 5.4pt 0in 5.4pt'> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><span | + | |
| - | style='color:black'>The rule will be applied when the selected Source IP | + | |
| - | Address and Source Port matches together.</span></p> | + | |
| - | </td> | + | |
| - | </tr> | + | |
| </table> | </table> | ||
| + | <br> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Destination tab</b></p> |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Destination | + | |
| - | tab</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>In this section, | + | |
| - | specify/select the location of the computer where the incoming network traffic | + | |
| - | is destined.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Destination IP | + | |
| - | Address –</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>My Computer –</b> | + | |
| - | The rule will be applied for the incoming traffic to your computer.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Host Name –</b> | + | |
| - | The rule will be applied for the incoming traffic to the computer as per the | + | |
| - | host name specified.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Single IP | + | |
| - | Address –</b> The rule will be applied for the incoming traffic to the computer | + | |
| - | as per the IP address specified.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Whole IP Range | + | |
| - | –</b> To apply the rule on a group of computers in series, you can specify a | + | |
| - | range of IP address. The rule will be applied for the incoming traffic to the | + | |
| - | computer(s) which is within the defined IP range.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Any IP Address | + | |
| - | –</b> When this option is selected, the rule will be applied for the incoming | + | |
| - | traffic to ANY IP Addresses.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Any –</b> | + | |
| - | After selecting this option, the rule will be applied for the incoming traffic | + | |
| - | to ANY port.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Single Port –</b> | + | |
| - | After selecting this option, the rule will be applied for the incoming traffic | + | |
| - | to the specified/defined port.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Port Range –</b> | + | |
| - | To enable the rule on a group of ports in series, you can specify a range of | + | |
| - | ports. The rule will be applied for the incoming traffic to the port which is | + | |
| - | within the defined range of ports.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Port List –</b> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>In this section, specify/select the location of the computer where the incoming network traffic is destined.<br><br> |
| - | A list of port can be specified/added. The rule will be applied for incoming | + | <b>Destination IP Address –</b><br> |
| + | <b>My Computer –</b>The rule will be applied for the incoming traffic to your computer.<br> | ||
| + | <b>Host Name –</b> The rule will be applied for the incoming traffic to the computer as per the | ||
| + | host name specified.<br> | ||
| + | <b>Single IP Address –</b> The rule will be applied for the incoming traffic to the computer as per the IP address specified.<br> | ||
| + | <b>Whole IP Range –</b> To apply the rule on a group of computers in series, you can specify a range of IP address. The rule will be applied for the incoming traffic to the computer(s) which is within the defined IP range.<br> | ||
| + | <b>Any IP Address –</b> When this option is selected, the rule will be applied for the incoming | ||
| + | traffic to ANY IP Addresses.<br><br> | ||
| + | <b>Destination Port</b><br> | ||
| + | <b>Any –</b> After selecting this option, the rule will be applied for the incoming traffic to ANY port.<br> | ||
| + | <b>Single Port –</b> After selecting this option, the rule will be applied for the incoming traffic to the specified/defined port.<br> | ||
| + | <b>Port Range –</b> To enable the rule on a group of ports in series, you can specify a range of ports. The rule will be applied for the incoming traffic to the port which is within the defined range of ports.<br> | ||
| + | <b>Port List –</b>A list of port can be specified/added. The rule will be applied for incoming | ||
| traffic originating from the ports as per specified in the list.</p> | traffic originating from the ports as per specified in the list.</p> | ||
| + | <br> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <table class="MsoNormalTable" style="background: #DBE5F1; border-collapse: collapse; border: none;" border="1" cellspacing="0" cellpadding="0"> |
| - | + | <tr> | |
| - | <table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0 | + | <td style="width: 36.9pt; border: solid windowtext 1.0pt; padding: 0in 5.4pt 0in 5.4pt;" width="49"> |
| - | style='background:#DBE5F1;border-collapse:collapse;border:none'> | + | <p style="font-size: 11.0pt; font-family: 'Open Sans';"><strong>NOTE</strong></p> |
| - | <tr> | + | </td> |
| - | <td width=49 style='width:36.9pt;border:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt'> | + | <td style="width: 425.2pt; border: solid windowtext 1.0pt; border-left: none; padding: 0in 5.4pt 0in 5.4pt;" valign="top" width="567"> |
| - | <p class=MsoNormal align=center style='margin-bottom:0in;text-align:center; | + | <p style="font-size: 11.0pt; font-family: 'Open Sans';">The rule will be applied when the selected Destination IP Address and Destination Port matches together.</p> |
| - | line-height:110%'><b><span style='line-height:110%;color:black'>NOTE</span></b></p> | + | </td> |
| - | </td> | + | </tr> |
| - | <td width=567 valign=top style='width:425.35pt;border:solid windowtext 1.0pt; | + | |
| - | border-left:none;padding:0in 5.4pt 0in 5.4pt'> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><span | + | |
| - | style='color:black'>The rule will be applied when the selected Destination IP | + | |
| - | Address and Destination Port matches together.</span></p> | + | |
| - | </td> | + | |
| - | </tr> | + | |
| </table> | </table> | ||
| + | <br> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Advanced tab</b></p> |
| - | + | ||
| - | <b><span style='font-size:11.0pt;line-height:115%;font-family:"Open Sans",sans-serif'><br | + | |
| - | clear=all style='page-break-before:always'> | + | |
| - | </span></b> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in'><b>Advanced tab</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>This tab contains | + | |
| - | advance setting for Expert Rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><b><img | + | |
| - | border=0 width=414 height=397 id="Picture 109" | + | |
| - | src="eScan_Corporate360_UserGuide_revised_files/image173.png"></b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Enable | + | |
| - | Advanced ICMP Processing -</b> This is activated when the ICMP protocol is | + | |
| - | selected in the General tab.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>The packet | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>This tab contains advance setting for Expert Rule.<br> |
| - | must be from/to a trusted MAC address –</b> When this option is selected, the | + | <b>Enable Advanced ICMP Processing -</b> This is activated when the ICMP protocol is |
| + | selected in the General tab.<br> | ||
| + | <b>The packet must be from/to a trusted MAC address –</b> When this option is selected, the | ||
| rule will only be applied on the MAC address defined/listed in the Trusted MAC | rule will only be applied on the MAC address defined/listed in the Trusted MAC | ||
| Address tab.</p> | Address tab.</p> | ||
| + | <b>Log information when this rule applies –</b> This will enable to log information of the Rule when it is implied.</p> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'><b>Modify</b> – Clicking <b>Modify</b> lets you modify any Expert Rule.<br> |
| - | + | <b>Remove</b> – Clicking <b>Remove</b> lets you delete a rule from the Expert Rule.<br> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Log | + | <b>Shift Up and Shift Down</b>– The UP and DOWN arrow button will enable to move the rules up |
| - | information when this rule applies –</b> This will enable to log information of | + | or down as required and will take precedence over the rule listed below it.<br> |
| - | the Rule when it is implied.</p> | + | <b>Enable Rule/Disable Rule </b>– These buttons lets you enable or disable a particular |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Modify</b> – | + | |
| - | Clicking <b>Modify</b> lets you modify any Expert Rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Remove</b> – | + | |
| - | Clicking <b>Remove</b> lets you delete a rule from the Expert Rule.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Shift Up and | + | |
| - | Shift Down</b>– The UP and DOWN arrow button will enable to move the rules up | + | |
| - | or down as required and will take precedence over the rule listed below it.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Enable | + | |
| - | Rule/Disable Rule </b>– These buttons lets you enable or disable a particular | + | |
| selected rule from the list.</p> | selected rule from the list.</p> | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | <h3 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Trusted MAC Address</h3> |
| - | <b><span style='font-size:14.0pt;line-height:115%;font-family:"Open Sans",sans-serif'><br | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>This section contains the information of the MAC address of the system. A MAC address is a hardware address that uniquely identifies each node of a network. The Trusted MAC address list will be checked along with the Expert Rule only when "The packet must be from/to a trusted MAC address" option is checked and the action will be as per specified in the rule. (Refer to the Advance Tab of the Expert Rule). <br> |
| - | clear=all style='page-break-before:always'> | + | Buttons (to configure the Trusted MAC Address)</p> |
| - | </span></b> | + | <ul> |
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Add –</b> To add a MAC address click on this button. Enter the MAC address to be added in the list for e.g. 00-13-8F-27-00-47</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Edit –</b> To modify/change the MAC Address, click <b>Edit</b>.</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Remove –</b> To delete the MAC Address, click <b>Remove</b>.</li> | ||
| + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Clear All –</b> To delete the entire listed MAC Address, click <b>Clear All</b>.</li> | ||
| + | </ul> | ||
| - | <h5>Trusted MAC Address</h5> | + | <h3 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Local IP List </h3> |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>This section | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>This section contains a list of Local IP addresses.</p> |
| - | contains the information of the MAC address of the system. A MAC address is a | + | <ul> |
| - | hardware address that uniquely identifies each node of a network. The Trusted | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Add –</b> To add a local IP address, click <b>Add</b>.</li> |
| - | MAC address list will be checked along with the Expert Rule only when "The | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Remove –</b> To remove a local IP address, click <b>Remove</b>.</li> |
| - | packet must be from/to a trusted MAC address" option is checked and the | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Clear All –</b> To clear all local IP addresses, click <b>Clear All</b>.</li> |
| - | action will be as per specified in the rule. (Refer to the Advance Tab of the | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Default List –</b> To load the default list of IP addresses, click <b>Default List</b>.</li> |
| - | Expert Rule). </p> | + | </ul> |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>Buttons (to | + | <h3 style='color:#008000;font-size:18.0pt;font-family:"Open Sans"'>Application Rule</h3> |
| - | configure the Trusted MAC Address)</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>In this section you can define the permissions for different application. The application can be set to Ask, Permit or Deny mode.</p> |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Add –</b> To | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Defining permission for an application</b></p> |
| - | add a MAC address click on this button. Enter the MAC address to be added in | + | |
| - | the list for e.g. 00-13-8F-27-00-47</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>To define |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Edit –</b> To | + | |
| - | modify/change the MAC Address, click <b>Edit</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Remove –</b> | + | |
| - | To delete the MAC Address, click <b>Remove</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b> </b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Clear All –</b> | + | |
| - | To delete the entire listed MAC Address, click <b>Clear All</b>.</p> | + | |
| - | + | ||
| - | <h5>Local IP List </h5> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>This section | + | |
| - | contains a list of Local IP addresses.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><img | + | |
| - | border=0 width=602 height=317 id="Picture 110" | + | |
| - | src="eScan_Corporate360_UserGuide_revised_files/image174.png"></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Add –</b> To | + | |
| - | add a local IP address, click <b>Add</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Remove –</b> | + | |
| - | To remove a local IP address, click <b>Remove</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Clear All –</b> | + | |
| - | To clear all local IP addresses, click <b>Clear All</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Default List –</b> | + | |
| - | To load the default list of IP addresses, click <b>Default List</b>.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | + | |
| - | + | ||
| - | <b><span style='font-size:14.0pt;line-height:115%;font-family:"Open Sans",sans-serif'><br | + | |
| - | clear=all style='page-break-before:always'> | + | |
| - | </span></b> | + | |
| - | + | ||
| - | <h5 style='margin:0in'>Application Rule</h5> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>In this section | + | |
| - | you can define the permissions for different application. The application can | + | |
| - | be set to Ask, Permit or Deny mode.</p> | + | |
| - | + | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><img | + | |
| - | border=0 width=559 height=324 id="Picture 355" | + | |
| - | src="eScan_Corporate360_UserGuide_revised_files/image175.jpg"></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Defining | + | |
| - | permission for an application</b></p> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'>To define | + | |
| permission for an application,</p> | permission for an application,</p> | ||
| - | <ol style='margin-top:0in' start=1 type=1> | + | <ol > |
| - | <li class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top: | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Click <b>Add</b>.</li> |
| - | 0in;line-height:110%'>Click <b>Add</b>.</li> | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Add New Application window appears.</li> |
| - | <li class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top: | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Enter the application name with path and select a |
| - | 0in;line-height:110%'>Add New Application window appears.</li> | + | |
| - | </ol> | + | |
| - | + | ||
| - | <p class=MsoNormal align=center style='margin-top:12.0pt;margin-right:0in; | + | |
| - | margin-bottom:12.0pt;margin-left:0in;text-align:center;line-height:110%'><img | + | |
| - | border=0 width=319 height=165 id="Picture 356" | + | |
| - | src="eScan_Corporate360_UserGuide_revised_files/image176.jpg"></p> | + | |
| - | + | ||
| - | <ol style='margin-top:0in' start=3 type=1> | + | |
| - | <li class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top: | + | |
| - | 0in;line-height:110%'>Enter the application name with path and select a | + | |
| permission.</li> | permission.</li> | ||
| - | <li class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top: | + | <li style='font-size:11.0pt;font-family:"Open Sans"'>Click <b>OK</b>.<br> |
| - | 0in;line-height:110%'>Click <b>OK</b>.</li> | + | The permission for the application will be defined.</li></ol> |
| - | </ol> | + | <p style='color:#32CD32;font-size:12.0pt;font-family:"Open Sans"'><b>Removing permission of an application</b></p> |
| - | <p class=MsoNormal style='margin-top:0in;margin-right:0in;margin-bottom:0in; | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>Select an application and then click <b>Remove</b>. The application will no longer have the permission.</p> |
| - | margin-left:.5in;line-height:110%'>The permission for the application will be | + | |
| - | defined.</p> | + | |
| - | <p class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top:0in; | + | <p style='font-size:11.0pt;font-family:"Open Sans"'>Other Buttons</p> |
| - | line-height:110%'> </p> | + | <ul > |
| - | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Clear All</b> This option will clear/delete all the information stored by the Firewall cache.</li> | |
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Removing | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Show Application Alert</b> – Selecting this option will display an eScan Firewall Alert displaying the blocking of any application as defined in the Application Rule.</li> |
| - | permission of an application</b></p> | + | <li style='font-size:11.0pt;font-family:"Open Sans"'><b>Default Rules </b>- This button will load/reset the rules to the Default settings present during the installation of eScan. This will remove all the settings defined by user.</li> |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top:0in; | + | |
| - | line-height:110%'>Select an application and then click <b>Remove</b>. The | + | |
| - | application will no longer have the permission.</p> | + | |
| - | + | ||
| - | <span style='font-size:11.0pt;line-height:110%;font-family:"Open Sans",sans-serif'><br | + | |
| - | clear=all style='page-break-before:always'> | + | |
| - | </span> | + | |
| - | + | ||
| - | <p class=MsoNormal style='margin-bottom:0in;margin-bottom:0in;margin-top:0in; | + | |
| - | line-height:110%'>Other Buttons</p> | + | |
| - | + | ||
| - | <ul style='margin-top:0in' type=disc> | + | |
| - | <li class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Clear All</b> | + | |
| - | - This option will clear/delete all the information stored by the Firewall | + | |
| - | cache.</li> | + | |
| - | <li class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Show | + | |
| - | Application Alert</b> – Selecting this option will display an eScan | + | |
| - | Firewall Alert displaying the blocking of any application as defined in | + | |
| - | the Application Rule.</li> | + | |
| - | <li class=MsoNormal style='margin-bottom:0in;line-height:110%'><b>Default | + | |
| - | Rules </b>- This button will load/reset the rules to the Default settings | + | |
| - | present during the installation of eScan. This will remove all the | + | |
| - | settings defined by user.</li> | + | |
| </ul> | </ul> | ||
| - | |||
| - | <p class=MsoNormal style='margin-bottom:0in;line-height:110%'> </p> | ||
| - | |||
| - | <b><span style='font-size:16.0pt;line-height:115%;font-family:"Open Sans",sans-serif; | ||
| - | color:#5B9BD5'><br clear=all style='page-break-before:always'> | ||
| - | </span></b> | ||
Current revision
| · eScan · MailScan · Technologies | · Technical Info · Security Awareness · User Guides |
Contents |
[edit]
Firewall
Firewall module is designed to monitor all incoming and outgoing network traffic and protect your computer from all types of network based attacks. eScan includes a set of predefined access control rules that you can remove or customize as per your requirements. These rules enforce a boundary between your computer and the network. Therefore, the Firewall feature first checks the rules, analyzes network packets, and filters them on the basis of the specified rules. When you connect to the Internet, you expose your computer to various security threats.
The Firewall feature of eScan protects your data when you:
- Connect to Internet Relay Chat (IRC) servers and join other people on the numerous channels on the IRC network.
- Use Telnet to connect to a server on the Internet and then execute the commands on the server.
- Use FTP to transfer files from a remote server to your computer.
- Use Network Basic Input Output System (NetBIOS) to communicate with other users on the LAN connected to the Internet.
- Use a computer that is a part of a Virtual Private Network (VPN).
- Use a computer to browse the Internet.
- Use a computer to send or receive email.
By default, the firewall operates in the Allow All mode. However, you can customize the firewall by using options like Limited Filter for filtering only incoming traffic and Interactive Filter to monitor incoming and outgoing traffic. The eScan Firewall also lets you specify different set of rules for allowing or blocking incoming or outgoing traffic. These rules include Zone Rules, Expert Rules, Trusted Media Access Control (MAC) Address, and Local IP list. This page provides you with options for configuring the module. You can configure the following settings to be deployed to the eScan client systems.
Allow All– Clicking Allow All disables the eScan Firewall i.e. all the incoming and outgoing network traffic will not be monitored/filtered.
Limited Filter– Clicking Limited Filter enables eScan Firewall in limited mode which will monitor all incoming traffic only and will be allowed or blocked as per the conditions or rules defined in the Firewall.
Interactive- Clicking Interactive enables eScan Firewall to monitor all the incoming and outgoing network traffic and will be allowed or blocked as per the conditions or rules defined in the Firewall.
Following tabs are available:
- Zone Rule
- Expert Rule
- Trusted MAC Address
- Local IP List
- Application Rule
[edit]
Zone Rule
This is a set of network access rules to make the decision of allowing/blocking of the access to the system. This will contain the source IP address or source Host name or IP range either to be allowed or blocked.
Buttons (to configure a zone rule)
Add Host Name – This option lets you add a "host" in the zone rule. After clicking Add Host Name, enter the HOST name of the system, select the zone Trusted/Blocked) and enter a name for the zone rule. Click OK to create the zone rule.
Add IP – This option lets you add an IP address of a system to be added in the zone rule. After clicking Add IP, enter the IP address of the system, select the zone (Trusted/Blocked) and enter a name for the zone rule. Click OK to create the Zone Rule.
Add IP Range – This option lets you add an IP range to be added in the zone rule. After clicking Add IP Range, add the IP Range (i.e. a range of IP that the zone rules should be applied), select the zone (Trusted/Blocked) and enter a name for the zone rule. Click OK to create the zone rule.
Modify – To modify/change any listed zone rule (s), select the zone rule to be modified
and then click Modify.
Remove - To remove any listed zone rule (s), select the zone rule and then click Remove.
[edit]
Expert Rule
This tab lets you specify advanced rules and settings for the eScan firewall. You can configure expert rules on the basis of the various rules, protocols, source IP address and port, destination IP address and port, and ICMP types. You can create new expert rules. However, configure these rules only if you are familiar with firewalls and networking protocols.
- Source IP Address/Host Name
- Source Port Number
- Destination IP Address/Host Name
- Destination Port Number
Buttons (to configure an Expert Rule)
Add – Click Add to create a new Expert Rule. Add Firewall Rule Window appears, you can configure the following settings via following tabs:
- General
- Source
- Destination
- Advanced
Let's see them in detail.
General tab
In this section, specify the Rule settings:
Rule Name – Provide a name to the Rule.
Rule Action – Action to be taken, whether to Permit Packet or Deny Packet.
Protocol –Select the network protocol (e.g. TCP, UDP, ARP) on which the Rule will be
applied.
Apply rule on Interface – Select the Network Interface on which the Rule will be applied.
Source tab
In this section, specify/select the location from where the outgoing network traffic originates.
My Computer –The rule will be applied for the outgoing traffic originating from your
computer.
Host Name –The rule will be applied for the outgoing traffic originating from the computer
as per the host name specified.
Single IP Address – The rule will be applied for the outgoing traffic originating from the computer as per the IP address specified.
Whole IP Range To enable the rule on a group of computers in series, you can specify a range of IP address. The rule will be applied for the outgoing traffic from the computer(s) which is within the defined IP range.
Any IP Address When this option is selected, the rule will be applied for the traffic originating from ANY IP address.
Any – When this option is selected, the rule gets applied for outgoing traffic originating from any port.
Single Port – When this option is selected, the rule gets applied for the outgoing traffic
originating from the specified/defined port.
Port Range – To enable the rule on a group of ports in series, you can specify a range of ports. The rule will be applied for the outgoing traffic originating from the port which is within the defined range of ports.
Port List – A list of port can be specified. The rule will be applied for the outgoing traffic originating from the ports as per specified in the list.
|
NOTE |
The rule will be applied when the selected Source IP Address and Source Port matches together. |
Destination tab
In this section, specify/select the location of the computer where the incoming network traffic is destined.
Destination IP Address –
My Computer –The rule will be applied for the incoming traffic to your computer.
Host Name – The rule will be applied for the incoming traffic to the computer as per the
host name specified.
Single IP Address – The rule will be applied for the incoming traffic to the computer as per the IP address specified.
Whole IP Range – To apply the rule on a group of computers in series, you can specify a range of IP address. The rule will be applied for the incoming traffic to the computer(s) which is within the defined IP range.
Any IP Address – When this option is selected, the rule will be applied for the incoming
traffic to ANY IP Addresses.
Destination Port
Any – After selecting this option, the rule will be applied for the incoming traffic to ANY port.
Single Port – After selecting this option, the rule will be applied for the incoming traffic to the specified/defined port.
Port Range – To enable the rule on a group of ports in series, you can specify a range of ports. The rule will be applied for the incoming traffic to the port which is within the defined range of ports.
Port List –A list of port can be specified/added. The rule will be applied for incoming
traffic originating from the ports as per specified in the list.
|
NOTE |
The rule will be applied when the selected Destination IP Address and Destination Port matches together. |
Advanced tab
This tab contains advance setting for Expert Rule.
Enable Advanced ICMP Processing - This is activated when the ICMP protocol is
selected in the General tab.
The packet must be from/to a trusted MAC address – When this option is selected, the
rule will only be applied on the MAC address defined/listed in the Trusted MAC
Address tab.
Log information when this rule applies – This will enable to log information of the Rule when it is implied.</p>
Modify – Clicking Modify lets you modify any Expert Rule.
Remove – Clicking Remove lets you delete a rule from the Expert Rule.
Shift Up and Shift Down– The UP and DOWN arrow button will enable to move the rules up
or down as required and will take precedence over the rule listed below it.
Enable Rule/Disable Rule – These buttons lets you enable or disable a particular
selected rule from the list.
[edit]
Trusted MAC Address
This section contains the information of the MAC address of the system. A MAC address is a hardware address that uniquely identifies each node of a network. The Trusted MAC address list will be checked along with the Expert Rule only when "The packet must be from/to a trusted MAC address" option is checked and the action will be as per specified in the rule. (Refer to the Advance Tab of the Expert Rule).
Buttons (to configure the Trusted MAC Address)
- Add – To add a MAC address click on this button. Enter the MAC address to be added in the list for e.g. 00-13-8F-27-00-47
- Edit – To modify/change the MAC Address, click Edit.
- Remove – To delete the MAC Address, click Remove.
- Clear All – To delete the entire listed MAC Address, click Clear All.
[edit]
Local IP List
This section contains a list of Local IP addresses.
- Add – To add a local IP address, click Add.
- Remove – To remove a local IP address, click Remove.
- Clear All – To clear all local IP addresses, click Clear All.
- Default List – To load the default list of IP addresses, click Default List.
[edit]
Application Rule
In this section you can define the permissions for different application. The application can be set to Ask, Permit or Deny mode.
Defining permission for an application
To define permission for an application,
- Click Add.
- Add New Application window appears.
- Enter the application name with path and select a permission.
- Click OK.
The permission for the application will be defined.
Removing permission of an application
Select an application and then click Remove. The application will no longer have the permission.
Other Buttons
- Clear All This option will clear/delete all the information stored by the Firewall cache.
- Show Application Alert – Selecting this option will display an eScan Firewall Alert displaying the blocking of any application as defined in the Application Rule.
- Default Rules - This button will load/reset the rules to the Default settings present during the installation of eScan. This will remove all the settings defined by user.
