S-TAP Control: Firewall Details
These parameters affect the behavior of the S-TAP with respect to the firewall.
Name | Default value | Description |
---|---|---|
Firewall installed | Firewall feature enabled. Valid values:
|
|
Firewall timeout | 10 | Time, in seconds, to wait for a verdict from the Guardium® system. If the firewall times out, the value of the
parameter Firewall fail close determines whether to block or allow the connection.
Valid values: 0-10. |
Firewall default state | 0 | Valid values:
|
Firewall fail close | The action when the verdict cannot be set by the policy rules, for
example the Firewall timeout expires. Valid values:
|
|
Firewall force watch | When Firewall default state=0 (off), then Firewall
force watch specifies the
network/mask of the IPs you want the firewall to watch, overriding the default (off). Valid value: comma separated list of IP/mask values. |
|
Firewall force unwatch | When Firewall default state=1 (on), then Firewall force
unwatch specifies the network/mask of the IPs
you want the firewall to ignore, overriding the default (on). Valid value: comma separated list of IP/mask values. |