Symantec 16-00-00091 Installation Guide - Page 54

Special Applications, Advanced Configuration, To con Access Filters, Select Group

Page 54 highlights

Advanced Configuration To configure Access Filters Note: Always click Save after each group setting. 1. Select a Security Group from the Select Group drop down list. Associate hosts with Security Groups using the Host IP & Group Screen. 2. Click Update Fields Below. 3. In the Group Filter Setting section, click the Use Packet Filters Below radio button. This section defines the overall setting that applies to the selected group. You MUST choose Use Packet Filters Below in order to select filters. 4. In the Quick Filters section, check the items you want to block. 5. In the Custom Filters section, provide a short name and the Start and Finish ports used by the protocol. You must know the packet type (TCP or UDP) and ports used by the protocol you wish to block. If one port is used, enter the same number in both fields. Multiple protocols and ranges can be defined for very flexible access filters for each group. 6. Click Save after entering all information for a group. Special Applications Certain applications with two-way communication need ports opened up in the firewall in order to function. This is true of most games and video/teleconferencing software. Some popular titles are already predefined, but are disabled by default. You can enable them here or add new entries. To find out what ports and protocols your application needs for operation, it's best to consult the application's support section and search for Firewall or NAT usage. Some applications might need more than one entry defined and enabled, for example when they have multiple port ranges in use. 4-14

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

4-14
Advanced Configuration
To configure Access Filters
Note:
Always click
Save
after each group setting.
1.
Select a
Security Group from the
Select Group
drop down list.
Associate hosts with Security Groups using the Host IP & Group Screen.
2.
Click
Update Fields Below
.
3.
In the Group Filter Setting section, click the
Use Packet Filters Below
radio button.
This section defines the overall setting that applies to the selected group.
You MUST
choose
Use Packet Filters Below
in order to select filters.
4.
In the
Quick Filters
section, check the items you want to block.
5.
In the
Custom Filters
section, provide a short name and the Start and Finish ports used by
the protocol.
You must know the packet type (TCP or UDP) and ports used by the protocol you wish to
block.
If one port is used, enter the same number in both fields.
Multiple protocols and
ranges can be defined for very flexible access filters for each group.
6.
Click
Save
after entering all information for a group.
Special Applications
Certain applications with two-way communication need ports opened up in the firewall in order to
function.
This is true of most games and video/teleconferencing software. Some popular titles are
already predefined, but are disabled by default.
You can enable them here or add new entries.
To
find out what ports and protocols your application needs for operation, it's best to consult the
application's support section and search for Firewall or NAT usage.
Some applications might need
more than one entry defined and enabled, for example when they have multiple port ranges in use.