User manual SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY
Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY. We hope that this SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY user guide will be useful to you.
Lastmanuals help download the user guide SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY.
Manual abstract: user guide SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY
Detailed instructions for use are in the User's Guide.
[. . . ] ADMINISTRATION GUIDE
SnapGear Network Gateway Security
Version 3. 1. 5
www. securecomputing. com
Copyright
© 2007 Secure Computing Corporation. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Secure Computing Corporation.
Trademarks
Secure Computing, SafeWord, Sidewinder, Sidewinder G2, Sidewinder G2 Firewall, SmartFilter, Type Enforcement, CipherTrust, IronMail, IronIM, SofToken, Enterprise Strong, Mobile Pass, G2 Firewall, PremierAccess, SecureSupport, SecureOS, Bess, Cyberguard, SnapGear, Total Stream Protection, Webwasher, Strikeback and Web Inspector are trademarks of Secure Computing Corporation, registered in the U. S. Patent and Trademark Office and in other countries. G2 Enterprise Manager, SmartReporter, SecurityReporter, Application Defenses, Central Management Control, RemoteAccess, SecureWire, TrustedSource, On-Box, Securing connections between people, applications and networks and Access Begins with Identity are trademarks of Secure Computing Corporation.
Software License Agreement
CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS BEFORE LOADING THE SOFTWARE. [. . . ] Tunneling-based attacks occur when an attacker masks traffic normally screened by the firewall rules by encapsulating it within packets corresponding to another network protocol. Application-based attacks occur when vulnerabilities in applications can be exploited by sending suspect packets directly with those applications. These attacks can potentially be detected and prevented using an intrusion detection system.
284
Chapter 3: Firewall menu Connection tracking
Basic IDB
Basic IDB operates by offering a number of services to the outside world that are monitored for connection attempts. Remote machines attempting to connect to these services generate a system log entry providing details of the access attempt, and the access attempt is denied. Since network scans often occur before an attempt to compromise a host, you can also deny all access from hosts that have attempted to scan monitored ports. Note: An attacker can easily forge the source address of UDP or TCP requests. A
host that automatically blocks UDP or TCP probes might inadvertently restrict access from legitimate services. Proper firewall rules and ignored hosts lists significantly reduce the risk of restricting legitimate services.
Configuring basic IDB
1 From the Firewall menu, click Intrusion Detection. The IDB Configuration page appears.
Figure 215: IDB Configuration
285
Chapter 3: Firewall menu Connection tracking
2 [Optional] To monitor dummy TCP services, select the Detect TCP probes check box. 3 [Optional] To blocks hosts attempting to connect to TCP services, select the Block sites probing TCP ports check box. Connection attempts are logged under the Scanning Hosts pane. 4 [Optional] To monitor dummy UDP services, select the Detect UDP probes check box. 5 [Optional] To blocks hosts attempting to connect to UDP services, select the Block sites probing UDP ports check box. Connection attempts are logged under Scanning Hosts. 6 Specify the number of times a host is permitted to attempt to connect to a monitored service before being blocked in the Trigger count before blocking field. This option only takes effect when one of the blocking options is enabled. The trigger count value should be between 0 and 2 (zero represents an immediate blocking of probing hosts). Larger settings mean more attempts are permitted before blocking and although allowing the attacker more latitude; these settings reduce the number of false positives. · Default: 0 · Range: 0-2 7 [Optional] Enter the IP addresses of trusted servers and hosts in the Addresses to ignore for detection and block purposes text box. The IDB ignores the list of host IP addresses. You can freely edit the list; however, you cannot remove the addresses 0. 0. 0. 0 and 127. 0. 0. 1 since they represent the IDB host. 8 Click Submit.
286
Chapter 3: Firewall menu Connection tracking
Selecting TCP dummy services
Use this procedure to set the network ports scanned for TCP services. You can choose Basic, default Standard, or Strict settings, and add your own custom entries. [. . . ] A network device that is similar to a hub, but much smarter. Although not a full router, a switch particularly understands how to route Internet packets. A switch increases LAN efficiency by utilizing bandwidth more effectively. Transmission Control Protocol/Internet Protocol. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service. Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual SECURE COMPUTING SNAPGEAR NETWORK GATEWAY SECURITY will begin.