SecureIT Plus Firewall Features and Functionality Iowa Network Services SecureIT Plus Firewall Page 1 of 11
1.1 Enabling Firewall

1.1.1 Main Settings

Once you have installed the firewall and have rebooted your computer, right click on the padlock icon in the lower right hand corner and choose Open SecureIT Management Console. Once the management console opens, you will notice there is a new section on the left under Settings called Firewall Settings. Clicking Firewall Settings will open a screen that looks like the following (see figure 1-1).

Figure 1-1

You will see that the Enable Firewall option is enabled (checked) and the High Security Mode Block All option is disabled (unchecked). The other three options, Startup Protection, Enable Stealth Browsing, and Prevent Firewall Tampering, are features that will be available for future releases of the firewall. However, for the beta version, these features will be unavailable and grayed out. You will also see three tabs on this screen called Main, Zones, and Traffic Management.

1.1.2 Zones

Clicking on the Zones tab will open a screen that looks like the following (see figure 1-2).
Figure 1-2

In the box where it states Firewall Zones, you will have all IP addresses listed for all network adapters on that machine, their connection type, and the zone that those adapters are in. By default, all network adapters that are detected get placed into the Internet zone. If you click on the dropdown menu next to where it states Change selected adapter to zone, you will see the following zones: Trusted, Internet and Blocked. An explanation of these zones follows:

Trusted
This is the safe zone. It contains all of the computers and networks that are trusted and that you want to share resources with (i.e. the other machines on your local or home network). By default, this is the zone that all network adapters will be in after installing the firewall. In this zone, all communication, both inbound and outbound, is allowed and the machine is fully visible to the outside world.

Internet
This is the unknown zone. All of the computers and networks in the world belong to this zone until they are moved either through the software or through manual rule creation. Here you will still have full access to the Internet, but you will be hidden from the outside world. In the Traffic Management tab, which we will talk about later, we can set custom rules to allow certain traffic from the Internet through the firewall.

Blocked
This is a zone where all communication, both inbound and outbound, is blocked and the machine is completely hidden from the outside world. Another way to duplicate this is to enable High Security Mode.

Once you change the zone, you will notice a message that appears in red in the upper right hand corner that states Settings have changed. This reminds you that in order for the changes that you just made to be saved, you will need to click on the Save Settings button before you click on Close. This message will appear throughout the firewall settings any time you make a configuration change that requires you to save the settings.

Change the zone back to Trusted for now, and we will come back to the others later. Click on the Traffic Management tab, and you will see a screen that looks like the following (see figure 1-3).

1.1.3 Traffic Management

Figure 1-3

You will see two tabs here, Today's Blocked Traffic and Traffic Rules. Today's Blocked Traffic will show you the inbound and outbound communication that has been blocked by the firewall. Traffic Rules will show the rules that have been set up to allow or block certain traffic in communicating with this machine.

Today's Blocked Traffic

If you had your network adapter set in the Internet zone and went to another machine in the same network and tried to either ping or telnet to the IP address of the computer the firewall is installed on, the firewall would block that request. Let's say the IP address of computer1, which has the firewall enabled, was 172.25.1.10 (as shown in figure 1-2). You have another computer, computer2, on the same network that has an IP address of 172.25.1.29. Go to computer2 and type the following from a command prompt:

    telnet 172.25.1.10 445

You will notice that this command will not work. If you go back to computer1, click on the Today's Blocked Traffic tab and click the Refresh icon (the curved green arrows in the lower right of that box), you will see the communication that was blocked from computer2, which will look similar to the next screen shown (see figure 1-4).

Figure 1-4

Here, you will see the time the traffic was blocked, whether the communication was inbound or outbound, the protocol that was used, the IP address the traffic came from, and the port the traffic tried to communicate on. If you decided that you wanted this communication to happen, you would click the traffic listed that you wanted to allow, and then click the Add to Allowed Traffic button. Once this happens, a rule is automatically created to allow this traffic. You will see this by clicking on the Traffic Rules tab (see figure 1-5).
Figure 1-5

Here, you would see a rule was created to allow inbound TCP traffic from IP address 172.25.1.29 on port 445. If you went back to computer2 and tried to run the telnet command again (telnet 172.25.1.10 445), you will notice that the command would complete this time. Then if you went back to computer1, clicked Today's Blocked Traffic and clicked the refresh icon, there would be no new traffic that was blocked.

Click on the Today's Blocked Traffic tab once again and you will notice there is a button at the bottom of the window called Clear Traffic. Because of the amount of communication that will be blocked and displayed in this window, and how large this list will become, you can click on this button to clear the contents of this window. This would especially come in handy if you were trying to find out if a certain IP address or communication was being blocked by the firewall.

Traffic Rules

Another way to allow blocked traffic is to use the predefined rules that are included in the firewall. Let's say that you could not use your AOL Instant Messenger program because the traffic was being blocked, but you wanted to be able to use it. You would do the following:

1. Click on the Traffic Management tab
2. Click on the Traffic Rules tab
3. Click on the Add button

You would see a screen that looks like the following (see figure 1-5).
Figure 1-5

You would pick AOL Instant Messenger from the dropdown list. You would then make sure that the Allow radio button is selected next to Define what action would you like to assign. Since all communication is already allowed outbound from the firewall due to the computer being in the Internet Zone, the only option for Direction for traffic is From and will already be selected for you. Next, set the IP range that you want to allow this traffic from (by default this will be from 0.0.0.0 to 255.255.255.255, which means all traffic will be able to communicate from this medium) and then click OK. You would now see a screen that looks similar to the following (see figure 1-6).

Figure 1-6
Here you will see the rule that you created would allow inbound traffic over a TCP connection from any IP address on port 5190. If at any time you make a typo or need to edit the rule, you can simply click on the Edit button, which will open the screen in figure 1-5, and make your changes. Then click the OK button to save those changes. If you went back and launched your AOL Instant Messenger program, you will notice that it now works without a problem.

Where a program that accesses the Internet and that you need to work is not included in the list of predefined rules, you would create a custom rule. You would do this by clicking on the Add button shown in figure 1-6 and clicking Custom. This would open a screen that would look like the following (see figure 1-7).

Figure 1-7

Here you would give the custom rule a name, specify whether the program needs to communicate via the TCP protocol, the UDP protocol, or both, and what the port range is that the program will need to communicate on. Once you are done, you would click the OK button. You will now see the custom protocol that you just created has been added to the dropdown list and is now highlighted. You would then also notice that the Delete button is now enabled, giving you the opportunity to delete custom protocols if they are no longer needed. This button can only be used to delete customized protocols, not the predefined protocols.

Once your rules have been created, the arrows in the lower left of the window (shown in figure 1-6) are used to change the priority of the rule. The first rule that appears always takes precedence over the other rules even if the other rules are related. To change the priority, you would just click the rule that you wanted to move, and then click either the up or down arrow to move it up or down the priority list.
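Because the first rule in the list always wins, a narrower rule placed below a broad one (for example a predefined rule left at the default 0.0.0.0 to 255.255.255.255 range) never takes effect. The following Python model is an added example, not SecureIT code: the Rule fields mirror the rule dialog described above, the rule names and list are constructed, and blocking unmatched inbound traffic assumes the adapter is in the Internet zone.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address as IP

@dataclass(frozen=True)
class Rule:
    """One inbound traffic rule; fields mirror the rule dialog (hypothetical model)."""
    name: str
    action: str          # "allow" or "block"
    proto: str           # "TCP" or "UDP"
    ip_lo: IP
    ip_hi: IP
    port_lo: int
    port_hi: int

    def matches(self, proto, src, port):
        return (proto == self.proto
                and self.ip_lo <= IP(src) <= self.ip_hi
                and self.port_lo <= port <= self.port_hi)

    def covers(self, other):
        """True if every packet `other` matches is also matched by this rule."""
        return (self.proto == other.proto
                and self.ip_lo <= other.ip_lo and other.ip_hi <= self.ip_hi
                and self.port_lo <= other.port_lo and other.port_hi <= self.port_hi)

def decide(rules, proto, src, port, default="block"):
    """Walk the list top-down; the first match decides (assumed default: block)."""
    for rule in rules:
        if rule.matches(proto, src, port):
            return rule.action, rule.name
    return default, None

def shadowed(rules):
    """Return (rule, earlier_rule) pairs where the later rule can never fire."""
    pairs = []
    for i, rule in enumerate(rules):
        earlier = next((e for e in rules[:i] if e.covers(rule)), None)
        if earlier is not None:
            pairs.append((rule.name, earlier.name))
    return pairs

ANY = (IP("0.0.0.0"), IP("255.255.255.255"))   # the dialog's default range
PC2 = (IP("172.25.1.29"), IP("172.25.1.29"))   # computer2 from the walkthrough
# Constructed rule list, top entry = highest priority.
RULES = [
    Rule("AIM from anywhere", "allow", "TCP", *ANY, 5190, 5190),
    Rule("Block AIM from computer2", "block", "TCP", *PC2, 5190, 5190),
    Rule("SMB from computer2", "allow", "TCP", *PC2, 445, 445),
]
```

Calling shadowed(RULES) reports the block rule as hidden behind the broad allow; moving it to the top of the list changes the verdict for 172.25.1.29 on port 5190 to block.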
1.2 High Security Mode

By clicking on the checkbox next to High Security Mode Block All, you will see the following box (see figure 1-8).

Figure 1-8

Once you click OK on this box, you will set the firewall in High Security mode. When the firewall is set in High Security Mode, no traffic will be allowed outbound or inbound and the machine will be fully hidden from the outside world. All applications that need to communicate across the Internet will also no longer work. The only way for an application in this mode to communicate across the Internet is for that application to be specifically allowed to access the Internet.

NOTE: All SecureIT related services/processes and third party programs will still be allowed to communicate across the Internet and receive updates even in High Security mode.

Program Control

As you will notice in figure 1-9, a new tab called Program Control appears once you put the firewall in High Security mode. Clicking on this tab will open a screen that looks like the following (see figure 1-9).
Figure 1-9

You will notice two tabs, Today's Blocked Programs and Allowed Programs. Today's Blocked Programs will show a list of applications that tried to communicate across the Internet and were blocked while the firewall was in High Security Mode. Allowed Programs will show you a list of applications you have specifically added that you want to communicate across the Internet.

Today's Blocked Programs

For example, if you launch Internet Explorer while you are in High Security mode, you will notice the screen will open stating The page cannot be displayed. If you click the refresh icon in the lower right of the window (looks like two circulating green arrows and is shown in figure 1-9), you will see that there is now an application that shows up called iexplore.exe (see figure 1-10).

Figure 1-10

This is the process name for Internet Explorer. If you wanted to set it up so you could use Internet Explorer and be able to view web pages, you would simply click on the iexplore.exe process that is listed in that window and click the Add to Programs button. Now if you launch Internet Explorer again, you will notice that your home page will open without a problem. You would repeat this process for all applications that you wanted to be able to access the Internet.

If at any time you wanted to take all programs that appeared in Today's Blocked Programs and allow them to communicate across the Internet, you can click the Clear Programs button to do this. This may come in handy if the process being blocked is something you don't recognize but all of a sudden one of your applications stops functioning like it should.

Allowed Programs
Clicking on the Allowed Programs tab will bring up a screen that looks like the following (see figure 1-11).

Figure 1-11

This is a list of allowed programs that you have specified to allow communication across the Internet in High Security mode. If you completed the above steps, you would see iexplore.exe in the Allowed Programs list. There is also a Remove button that you can click on to remove a program that you no longer want to allow to communicate across the Internet.