Reference Manual for the ProSafe VPN Firewall FVS114

Firewall Protection and Content Filtering

4-13

202-10098-01, April 2005

Using a Schedule to Block or Allow Specific Traffic

If you enabled content filtering in the Block Sites menu, or if you defined an outbound rule to use

a schedule, you can set up a schedule for when blocking occurs or when access is restricted. The

firewall allows you to specify when blocking will be enforced by configuring the Schedule page

shown below:

Figure 4-9:

Schedule page

Reference Manual for the ProSafe VPN Firewall FVS114

4-14

Firewall Protection and Content Filtering

202-10098-01, April 2005

To block keywords or Internet domains based on a schedule, select Every Day or select one or

more days. If you want to limit access completely for the selected days, select All Day. Otherwise,

If you want to limit access during certain times for the selected days, type a Start Blocking time

and an End Blocking time.

Note:

Enter the values as 24-hour time. For example, to specify 10:30 am, enter 10 hours and 30

minutes; for 10:30 pm, enter 22 hours and 30 minutes.

Be sure to click

Apply

when you have finished configuring this page.

Time Zone

The FVS114 VPN Firewall uses the Network Time Protocol (NTP) to obtain the current time and

date from one of several Network Time Servers on the Internet. In order to localize the time for

your log entries, you must specify your Time Zone:

•

Time Zone. Select your local time zone. This setting will be used for the blocking schedule

and for time-stamping log entries.

•

Daylight Savings Time. Check this box for daylight savings time.

Note:

If your region uses Daylight Savings Time, you must manually select Adjust for

Daylight Savings Time on the first day of Daylight Savings Time, and unselect it at the end.

Enabling Daylight Savings Time will add one hour to the standard time.

Be sure to click

Apply

when you have finished configuring this menu.

Reference Manual for the ProSafe VPN Firewall FVS114

Firewall Protection and Content Filtering

4-15

202-10098-01, April 2005

Getting E-Mail Notifications of Event Logs and Alerts

In order to receive logs and alerts by e-mail, you must provide your e-mail information in the Send

alerts and logs by e-mail area:

Figure 4-10:

E-mail menu

•

Turn e-mail notification on.

Check this box if you wish to receive e-mail logs and alerts from

the firewall.

•

Send alerts and logs by e-mail.

If your enable e-mail notification, these boxes cannot be

blank. Enter the name or IP address of your ISP’s outgoing (SMTP) mail server (such as

mail.myISP.com). You may be able to find this information in the configuration menu of your

e-mail program. Enter the e-mail address to which logs and alerts are sent. This e-mail address

will also be used as the From address. If you leave this box blank, log and alert messages will

not be sent via e-mail.

•

Send E-mail alerts immediately.

You can specify that logs are immediately sent to the

specified e-mail address when any of the following events occur:

–

If a Denial of Service attack is detected.

–

If a Port Scan is detected.

Reference Manual for the ProSafe VPN Firewall FVS114

4-16

Firewall Protection and Content Filtering

202-10098-01, April 2005

–

If a user on your LAN attempts to access a Web site that you blocked using the Block Sites

menu.

•

Send logs according to this schedule.

You can specify that logs are sent to you according to a

schedule. Select whether you would like to receive the logs None, Hourly, Daily, Weekly, or

When Full. Depending on your selection, you may also need to specify:

–

Day for sending log

Relevant when the log is sent weekly or daily.

–

Time for sending log

Relevant when the log is sent daily or weekly.

If the Weekly, Daily or Hourly option is selected and the log fills up before the specified

period, the log is automatically e-mailed to the specified e-mail address. After the log is sent,

the log is cleared from the firewall’s memory. If the firewall cannot e-mail the log file, the log

buffer may fill up. In this case, the firewall overwrites the log and discards its contents.

Be sure to click

Apply

when you have finished configuring this menu.

Reference Manual for the ProSafe VPN Firewall FVS114

Firewall Protection and Content Filtering

4-17

202-10098-01, April 2005

Viewing Logs of Web Access or Attempted Web Access

The firewall logs security-related events such as denied incoming and outgoing service requests,

hacker probes, and administrator logins. If you enable content filtering in the Block Sites menu,

the Log page will also show you when someone on your network tried to access a blocked site. If

you enabled e-mail notification, you'll receive these logs in an e-mail message. If you don't have

e-mail notification enabled, you can view the logs here. An example is shown in

Figure 4-11

Figure 4-11:

Logs menu