D-Link DFL-300 User Manual - Page 88

Policy, What is Policy?, How do I use Policy?

Get D-Link DFL-300 - Security Appliance PDF manuals and user guides
UPC - 790069240751
View all D-Link DFL-300 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 88 highlights

Policy This section provides the Administrator with facilities to sent control policies for packets with different source IP addresses, source ports, destination IP addresses, and destination ports. Control policies decide whether packets from different network objects, network services, and applications are able to pass through the Firewall. What is Policy? The FIREWALL VPN ROUTER uses policies to filter packets. The policy settings are: source address, destination address, services, permission, packet log, packet statistics, and flow alarm. Based on its source addresses, a packet can be categorized into: (1). Outgoing: a client is in the internal networks while a server is in the external networks. (2) Incoming, a client is in the external networks, while a server is in the internal networks. (3) To DMZ: a client is either in the internal networks or in the external networks while, server is in DMZ. (4) From DMZ, a client is in DMZ while server is either in the internal networks or in the external networks. How do I use Policy? The policy settings are source addresses, destination addresses, services, permission, log, statistics, and flow alarm. Among them, source addresses, destination addresses and IP mapping addresses have to be defined in the Address menu in advance. Services can be used directly in setting up policies, if they are in the Pre-defined Service menu. Custom services need to be defined in the Custom menu before they can be used in the policy settings. If the destination address of an incoming policy is a Mapped IP address or a Virtual Server address, then the address has to be defined in the Virtual Server section instead of the Address section. Policy Directions: Step 1. Step 2. Step 3. Step 4. In Address, set names and addresses of source networks and destination networks. In Service, set services. In Virtual Server, set names and addresses of mapped IP or virtual server (only applied to Incoming policies). Set control policies in Policy - 88 -

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
Policy
This section provides the Administrator with facilities to sent control policies
for packets with different source IP addresses, source ports, destination IP
addresses, and destination ports.
Control policies decide whether packets
from different network objects, network services, and applications are able to
pass through the Firewall.
What is Policy?
The FIREWALL VPN ROUTER uses policies to filter packets.
The policy
settings are: source address, destination address, services, permission,
packet log, packet statistics, and flow alarm. Based on its source addresses,
a packet can be categorized into:
(1). Outgoing: a client is in the internal networks while a server is in the
external networks.
(2) Incoming, a client is in the external networks, while a server is in the
internal networks.
(3) To DMZ: a client is either in the internal networks or in the external
networks while, server is in DMZ.
(4) From DMZ, a client is in DMZ while server is either in the internal
networks or in the external networks.
How do I use Policy?
- 88 -
The policy settings are source addresses, destination addresses, services,
permission, log, statistics, and flow alarm. Among them, source addresses,
destination addresses and IP mapping addresses have to be defined in the
Address
menu in advance. Services can be used directly in setting up
policies, if they are in the Pre-defined Service menu. Custom services need
to be defined in the C
ustom
menu before they can be used in the policy
settings.
If the destination address of an incoming policy is a Mapped IP address or a
Virtual Server address, then the address has to be defined in the
Virtual
Server
section instead of the
Address
section.
Policy Directions:
Step 1.
In
Address
, set names and addresses of
source networks and destination networks.
Step 2.
In
Service
, set services.
Step 3.
In
Virtual Server
, set names and addresses
of mapped IP or virtual server (only applied to
Incoming policies
).
Step 4.
Set control policies in
Policy