beautypg.com

4 policy, 1 outgoing, Olicy – PLANET CS-1000 User Manual

Page 164

background image

Multi-Homing Security Gateway User’s Manual

3.4 Policy

This section provides the Administrator with facilities to sent control policies for packets with different source

IP addresses, source ports, destination IP addresses, and destination ports. Control policies decide whether

packets from different network objects, network services, and applications are able to pass through the

Multi-Homing Security Gateway.

What is Policy?

The device uses policies to filter packets. Based on source addresses, a packet can be categorized into:

(1)Outgoing: a client is in the LAN networks while a server is in the WAN networks.

(2) Incoming, a client is in the WAN networks, while a server is in the LAN networks.

(3) To DMZ: a client is either in the LAN networks or in the WAN networks while, server is in DMZ.

(4) From DMZ, a client is in DMZ while server is either in the LAN networks or in the WAN networks.

How do I use Policy?

Source addresses, destination addresses and IP mapping addresses have to be defined in the Address

menu in advance. Services can be used directly in setting up policies, if they are in the Pre-defined Service

menu. Custom services need to be defined in the Custom menu before they can be used in the policy

settings.

If the destination address of an incoming policy is a Mapped IP address or a Virtual Server address, then the

address has to be defined in the Virtual Server section instead of the Address section.

Policy Directions:

Step 1.

In

Address

, set names and addresses of source networks and destination networks.

Step 2.

In

Service

, set services.

Step 3.

In

Virtual Server

, set names and addresses of mapped IP or virtual server (only applied to

Incoming policies

).

Step 4.

Set control policies in Policy.

3.4.1 Outgoing

This section describes steps to create policies for packets and services from the LAN network to the WAN

network.

Entering the Outgoing window:

Click Policy on the left hand side menu bar, then click Outgoing under it. A window will appear with a table

displaying currently defined Outgoing policies.

- 158 -

See also other documents in the category PLANET Communication: