1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 32
Page 156 / 342 Scroll up to view Page 151 - 155
8
Setting Up the Nokia IP45 Security Platform Security Policy
156
Nokia IP45 Security Platform User’s Guide v4.0
Source
Select the source of the connections to allow or block.
To specify an IP address, select Specified IP and type the desired
IP address in the text box.
To specify a range of IP addresses, select Specified Range.
Destination
Select the destination of the connections to allow or block.
To specify an IP address, select Specified IP and type the desired
IP address in the text box.
To specify a range of IP addresses, select Specified Range.
Note
You cannot specify destination range for allow and forward rule.
Quality of
Service Class
Select the QoS class to assign specified connections.
If Traffic Shaper is enabled, Traffic Shaper handles
these connections as specified in the bandwidth policy
for the selected QoS class. If Traffic Shaper is not
enabled, this setting is ignored. For information on
Traffic Shaper and QoS classes, see
“Using Traffic Shaper”
on
page 127
Note
This drop-down list appears only when you define an Allow rule or
an Allow and Forward rule.
Redirect to
port
Select this option to redirect the connections to a
specific port. Type the port number in the field provided.
This option is called Port Address Translation (PAT),
and is only available for Allow and
Forward rule.
Value: 1-65535
Log accepted
connections
Select this option to view the log for allowed
connections.
By default, accepted connections are not logged, and
blocked connections are logged.
Table 30
Firewall Rule Fields (
continued
)
Field
Action
Page 157 / 342
Customizing the Nokia IP45 Security Platform Security Policy
Nokia IP45 Security Platform User’s Guide v4.0
157
Deleting and Editing Firewall Rules
This section provides information about how to edit and delete existing firewall rules.
To delete or edit an existing rule
1.
Choose Security from the main menu.
The Firewall page opens.
2.
Click the Rules tab and click the Erase icon next to the rule, to delete.
A confirmation message appears.
3.
Click OK.
The rule is deleted.
4.
To Edit an existing rule, click Edit next to the rule
The Firewall Wizard opens.
5.
Proceed as per the wizard to add new values. For more information on adding values, see
“Creating Firewall Rules”
on page 150.
Viewing the Rules Log for Accepted Connections
You can now view the log for firewall accepted traffic in your IP45 v4.0 security platform. In
earlier releases, you could only view blocked traffic information based on your firewall rules. To
view this, follow the procedure below:
To view the firewall rules log
1.
Choose Security from the main menu.
The Firewall page opens.
2.
Click Rules tab.
Page 158 / 342
8
Setting Up the Nokia IP45 Security Platform Security Policy
158
Nokia IP45 Security Platform User’s Guide v4.0
The Rules page opens with the list of rules added.
3.
Click the Enabled option, next to log, to view the log of accepted traffic.
4.
To disable the log view, click the Enabled tag to turn to a
+
sign.
Defining an Exposed Host
The Nokia IP45 Security Platform allows you to define an exposed host, which is a computer
that is not protected by the firewall. This allows unlimited incoming and outgoing connections
between the Internet and the exposed host computer.
This process is useful for setting up a public server.
Caution
Entering an IP address can make the designated computer vulnerable to external
attacks. Nokia recommends that you not define an exposed host unless you are fully
aware of the security risks.
Page 159 / 342
Customizing the Nokia IP45 Security Platform Security Policy
Nokia IP45 Security Platform User’s Guide v4.0
159
To define a computer as an exposed host
The exposed host receives all traffic that is not forwarded to another computer by using Allow
and Forward rules.
1.
Choose Security from the main menu, and click the Exposed Host tab.
The Exposed Host page opens.
2.
In the Exposed Host text box, type the IP address of the computer to define as an exposed
host. Alternatively, you can click This Computer to define your computer as the exposed
host.
3.
Click Apply.
The selected computer is now defined as an exposed host.
Editing or Deleting an Exposed Host
This section describes how to edit or delete a define exposed host.
To edit or delete an exposed host
1.
Choose Security > Exposed Host.
2.
To edit a defined host, click Clear.
The defined value is deleted.
3.
Enter the new value in the Exposed Host field.
4.
Click Apply.
5.
To delete an exposed host, click Clear.
Page 160 / 342
8
Setting Up the Nokia IP45 Security Platform Security Policy
160
Nokia IP45 Security Platform User’s Guide v4.0
SmartDefense
The Nokia IP45 Security Platform v4.0 supports the CheckPoint SmartDefense services, which
helps the administrators to deal with application-level attacks. SmartDefense uses application
intelligence.
Application intelligence provides a combination of attack safeguards and attack blocking tools
by:
±
Validating the compliance to standards
±
Validating expected usage of protocols
±
Limiting application ability to carry malicious data
±
Controlling application-layer operations
SmartDefense aids proper usage of Internet resources such as FTP, instant messaging, peer-to-
peer(P2P) file sharing, FTP uploading.
The SmartDefense page is organized in a tree view, you can configure the nodes by expanding
the categories.
IP45 v4.0 supports the SmartDefense Wizard, a simplified method for locally configuring the
SmartDefense and Applications Intelligence security policy. The wizard resets all SmartDefense
settings to their defaults, and then creates a SmartDefense security policy according to your
network and security preferences.
SmartDefense Wizard
The SmartDefense Wizard allows you to configure your SmartDefense security policy quickly
and easily through a user-friendly interface.
After using the wizard, you can fine tune the policy settings by configuring the SmartDefense
options in the left pane of the tree. For more information, see
“Configuring SmartDefense”
on
page 163.
To set SmartDefense
1.
From the main menu, choose Security > SmartDefense.
The SmartDefense page is displayed.

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top