Cisco SA520-K9 Administration Guide - Page 108
Configuring Approved URLs to Allow Access to Websites,
UPC - 882658266744
View all Cisco SA520-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 108 highlights
Firewall Configuration Configuring Firewall Rules to Control Inbound and Outbound Traffic 4 NOTE In addition to firewall rules, there are two other methods for controlling access to the Internet: • You can allow access to approved websites. For more information, see Configuring Approved URLs to Allow Access to Websites, page 126. • You can block URLs that contain specified keywords. For more information, see Configuring Blocked URLs to Prevent Access to Websites, page 127. STEP 1 Click Firewall > Firewall > IPv4 Rules or IPv6 Rules, or for IPv4 rules, you can use the Getting Started (Advanced) page. In the Firewall and NAT Rules section, click Configure Firewall and NAT Rules. STEP 2 The Firewall Rules window opens. Any existing rules appear in the List of Available Firewall Rules table. For IPv4 rules, you can view the list of available rules by zone. Choose the source and destination from the From Zone and To Zone drop-down menus and click Display Rules. STEP 3 To add a rule, click Add. Other options: Click the Edit button to edit an entry. To delete an entry, check the box and then click Delete. To change the status of a rule, check the box and then click Enable or Disable. To select all entries, check the box in the first column of the table heading. The IPv4 Firewall Rules page includes the option to move a rule up, move a rule down, or move it to a specified location in the firewall rules list. For more information, see Prioritizing Firewall Rules, page 113. If you click Add or Edit, the Firewall Rules Configuration window opens. STEP 4 In the Firewall Rule Configuration area, enter the following information: • From Zone: Chose the source of the traffic that is covered by this rule. For an outbound rule, choose SECURE (LAN) if the traffic is coming from your LAN users or choose DMZ if the traffic is coming from a server on your DMZ. • To Zone: For an outbound rule, choose INSECURE (WAN) if the traffic is going to the Internet, or choose DMZ if the traffic is going to a server on your DMZ. - If the From Zone is the WAN, the To Zone can be the public DMZ or secure LAN. Cisco SA500 Series Security Appliances Administration Guide 108