McAfee MAP-3300-SWG Product Guide - Page 216

Overview of System features Appliance Management Secure Shell Configuration Table 207 Option definitions - Secure Shell Configuration Option Enable the secure shell Definition Click to enable the use of Secure Shell (SSH) to connect remotely to your appliance. By default, when you enable the use of SSH, it allows all hosts or networks that can access the appliance. Click Allow permitted hosts / networks listed below, then select New Address to add only the specified devices access. You can use your SSH client to access the support account on the appliance. Use the same password that you use to access the interface from a remote computer. If you are using out-of-band management and have blocked port 22, change the SSH configuration to allow Secure Shell access. Permitted Displays details of devices that can access the appliance. By default, access is available Host / Network to ALL hosts or networks that can use Secure Shell (SSH). The entries here are added to the /etc/hosts.allow file, and therefore must follow its conventions. We recommend that you allow access to known domains or users initially. To add a network use the following notation formats: • IPv4: 192.168.5.0/24 or 192.168.5.0/255.255.255.0 (allows every host with a network address beginning 192.168.5 to access the secure shell) • IPv6: [3ffe:505:2:1::]/64 (allows every address in the range `3ffe:505:2:1::´ through `3ffe:505:2:1:ffff:ffff:ffff:ffff´) • domain wildcards: *.example.com (allows all hosts in the example.com domain to access the secure shell) To add an individual host, use the following notation formats: • IPv4: 192.168.0.5 (only allows the particular IP address to access the secure shell) • IPv6: [2001:470:921b:7896::3c]. The [ ] must be typed. • hostname: host1.example.com (only allows host1 in the example.com domain to access the secure shell) To add individual hosts, netmasks can not be used. 216 McAfee Email and Web Security Appliances 5.6.0 Product Guide