Use the IP Address and Port area in Firewall
Rules to designate or exclude addresses and ports from
filtering for your Network IPS appliance.
About this task
Navigating in IPS Local Management Interface:
Navigating
in SiteProtector™ Management:
select the Firewall policy
Procedure
- Click the Add icon.
- Click either IPv4 or IPv6 in
the IP Version area, depending on your network.
- Configure the following options:
| Option |
Description |
|---|
| Source Address(es) |
Specifies these items:- Any: filters all IP addresses.
- Exclude: does not filter a specific address
or a range of addresses.
Note: Do not use 0.0.0.0-255.255.255.255 as the site range. If
you do, IP addresses are indiscriminately added to your ungrouped
assets folder, such as IP addresses from websites.
|
| Target Address(es) |
Specifies the following options:- Any: filters all IP addresses.
- Exclude: does not filter a specific address
or a range of addresses.
Note: Do not use 0.0.0.0-255.255.255.255 as the site range. If
you do, IP addresses are indiscriminately added to your ungrouped
assets folder, such as IP addresses from websites.
|
| Source Port(s) |
Specifies the following options:- Any: filters all ports.
- Exclude: does not filter a specific port
or a range of ports.
Note: The appliance accepts
comma-separated lists of ports and port ranges.
|
| Target Port(s) |
Specifies the following options:- Any: filters all ports.
- Exclude: does not filter a specific port
or a range of ports.
Note: The appliance accepts
comma-separated lists of ports and port ranges.
|
- Click OK.
What to do next
On the
Add Firewall Rules window, you
can specify general settings, like rule descriptions, rule actions,
and rule characteristics.