5 configure forwarding firewall rule set, Configure forwarding firewall rule set – Barracuda Networks VERSION SP4 User Manual

181 Barracuda NG Network Access Client - Administrator’s Guide

13.5 Configure Forwarding Firewall Rule Set

Enforcement of the security policy is provided by the Barracuda NG Network Access Client software
installed on the endpoint itself. Whenever leaving the local collision domain, Barracuda NG Firewalls
can provide additional protection. To enforce the health policy, Barracuda NG Firewalls may interpret
the access policy attribute assigned to the endpoint within their rule sets. This provides a way to
enforce network access control concepts based on date and time, identity and health state and type
of network access.

To allow communication to protected servers only for clients conforming to the health policy, modify
the gateway firewall rule set as follows:

•

Open the forwarding firewall rule set and change to section

User Groups.

•

Select

New …

in the context menu to create a new

User Object.

•

After setting a name for the user object add a new User Condition

•

Within the

Policy Roles Patterns

section, change the logic operation to

One

Pattern must match (OR).

•

Add two new Policy Roles Patterns:

healthy

and

probation.

•

Close the User condition dialog.

•

Create or edit the firewall rule

Healthy-Access-to-protected-Servers.

•

Add a reference to the new user object

healthy-clients

within the

Authenticated user

dialog box.

Fig. 13–7 Example configuration – Configure forwarding firewall rule set – Edit/Create User Object > User Condition