Home » Symantec Manuals » Computer Software » Symantec 360R » Manual Viewer

Symantec 360R Administration Guide - Page 118

TCP flag validation, IDS/IPS, WLAN/LAN, Enable

UPC - 037648240185

Add to My Manuals
Save this manual to your list of manuals

Page 118 highlights

118 Preventing attacks Enabling advanced protection settings 1 In the SGMI, in the left pane, click IDS/IPS. 2 In the right pane, on the Advanced tab, under IP Spoof Protection, check WAN or WLAN/LAN. 3 Click Save. TCP flag validation Certain port mapping tools, such as NMAP, use invalid TCP flag combinations to detect a firewall on a network or map the security policy implemented on the firewall. Symantec Gateway Security 300 Series blocks and logs any traffic with illegal flag combinations for traffic that is not being denied by the security policy. Any traffic denied by the security policy that has one or more bad TCP flag combinations is classified as one of several NMAP port scanning techniques (NMAP Null Scan, NMAP Christmas Scan, and so on). To enable TCP flag validation See "IDS Protection tab field descriptions" on page 205. 1 In the SGMI, in the left pane, click IDS/IPS. 2 In the right pane, on the Advanced tab, under TCP Flag Validation, check Enable.

Section	Page
Introducing the Symantec Gateway Security 300 Series	11
Intended audience	12
Where to get more information	12
Administering the security gateway	13
Accessing the Security Gateway Management Interface	13
Using the SGMI	15
Managing administrative access	15
Setting the administration password	16
Configuring remote management	17
Managing the security gateway using the serial console	19
Configuring a connection to the outside network	23
Network examples	24
Understanding the Setup Wizard	27
About dual-WAN port appliances	27
Understanding connection types	28
Configuring connectivity	30
DHCP	30
PPPoE	31
Static IP and DNS	34
PPTP	36
Dial-up accounts	39
Configuring advanced connection settings	43
Advanced DHCP settings	43
Advanced PPP settings	44
Maximum Transmission Unit (MTU)	45
Configuring dynamic DNS	45
Forcing dynamic DNS updates	47
Disabling dynamic DNS	48
Configuring routing	48
Enabling dynamic routing	48
Configuring static route entries	49
Configuring advanced WAN/ISP settings	50
High availability	50
Load balancing	51
SMTP binding	52
Binding to other protocols	52
Failover	52
DNS gateway	53
Optional network settings	54
Configuring internal connections	57
Configuring LAN IP settings	57
Configuring the appliance as DHCP server	58
Monitoring DHCP usage	60
Configuring port assignments	60
Standard port assignment	61
Network traffic control	63
Planning network access	63
Understanding computers and computer groups	64
Defining computer group membership	65
Defining computer groups	67
Defining inbound access	68
Defining outbound access	69
Configuring services	72
Redirecting services	73
Configuring special applications	74
Configuring advanced options	76
Enabling the IDENT port	76
Disabling NAT mode	77
Enabling IPsec pass-thru	77
Configuring an exposed host	78
Managing ICMP requests	79
Establishing secure VPN connections	81
About using this chapter	82
Creating security policies	82
Understanding VPN policies	82
Creating custom Phase 2 VPN policies	84
Viewing VPN Policies List	85
Identifying users	85
Understanding user types	86
Defining users	86
Viewing the User List	88
Configuring Gateway-to-Gateway tunnels	88
Understanding Gateway-to-Gateway tunnels	88
Configuring dynamic Gateway-to-Gateway tunnels	91
Configuring static Gateway-to-Gateway tunnels	93
Sharing information with the remote gateway administrator	96
Configuring Client-to-Gateway VPN tunnels	96
Understanding Client-to-Gateway VPN tunnels	97
Defining client VPN tunnels	99
Setting global policy settings for Client-to-Gateway VPN tunnels	101
Sharing information with your clients	101
Monitoring VPN tunnel status	102
Advanced network traffic control	103
How antivirus policy enforcement (AVpe) works	104
Before you begin configuring AVpe	105
Configuring AVpe	106
Enabling AVpe	107
Configuring the antivirus clients	109
Monitoring antivirus status	109
Log messages	110
Verifying AVpe operation	110
About content filtering	111
Special considerations	111
Managing content filtering lists	112
Special considerations	112
Enabling content filtering for LAN	113
Enabling content filtering for WAN	113
Monitoring content filtering	114
Preventing attacks	115
How intrusion detection and prevention works	115
Trojan horse protection	116
Setting protection preferences	116
Enabling advanced protection settings	117
IP spoofing protection	117
TCP flag validation	118
Logging, monitoring and updates	119
Managing logging	119
Configuring log preferences	120
Managing log messages	124
Updating firmware	124
Automatically updating firmware	125
Upgrading firmware manually	129
Checking firmware update status	133
Backing up and restoring configurations	133
Resetting the appliance	135
Interpreting LEDs	136
LiveUpdate and firmware upgrade LED sequences	139
Troubleshooting	141
About troubleshooting	141
Accessing troubleshooting information	143
Licensing	145
Session licensing for Symantec Gateway Security 300 Series Client-to-Gateway VPN functions	145
Additive session licenses	145
SYMANTEC GATEWAY SECURITY APPLIANCE LICENSE AND WARRANTY AGREEMENT	146
Field descriptions	151
Logging/Monitoring field descriptions	151
Status tab field descriptions	152
View Log tab field descriptions	154
Log Settings tab field descriptions	155
Troubleshooting tab field descriptions	156
Administration field descriptions	157
Basic Management tab field descriptions	158
SNMP tab field descriptions	158
LiveUpdate tab field descriptions	159
LAN field descriptions	160
LAN IP & DHCP tab field descriptions	161
Port Assignment tab field descriptions	162
WAN/ISP field descriptions	162
Main Setup tab field descriptions	164
Static IP & DNS tab field descriptions	165
PPPoE tab field descriptions	166
Dial-up Backup & Analog/ISDN tab field descriptions	167
PPTP tab field descriptions	171
Dynamic DNS tab field descriptions	171
Routing tab field descriptions	174
Advanced tab field descriptions	175
Firewall field descriptions	176
Computers tab field descriptions	177
Computer Groups tab field descriptions	179
Inbound Rules field descriptions	180
Outbound Rules tab field descriptions	181
Services tab field descriptions	182
Special Application tab field descriptions	183
Advanced tab field descriptions	186
VPN field descriptions	187
Dynamic Tunnels tab field descriptions	189
Static Tunnels tab field descriptions	193
Client Tunnels tab field descriptions	197
Client Users tab field descriptions	199
VPN Policies tab field descriptions	200
Status tab field descriptions	202
Advanced tab field descriptions	203
IDS/IPS field descriptions	204
IDS Protection tab field descriptions	205
Advanced tab field descriptions	206
AVpe field descriptions	207