From the Firewall tab, you can configure the Guardium® firewall for an External S-TAP®. Using the Guardium firewall can slow performance and might cause other issues. Guardium suggests that you use the firewall feature only when necessary.
|Firewall installed||0||Enables or disables the firewall feature. Valid values:
|Firewall timeout||10 (seconds)||Time, in seconds, to wait for a verdict from the Guardium system. If the firewall times out, the Firewall fail close value determines whether to block or allow the connection. The value can be any integer value.|
|Firewall default state||0||Sets the default state for the firewall. Valid values:
|Firewall fail close||0||The action to take when the verdict cannot be set by the policy rules, for example, if
Firewall timeout expires.
|Firewall force watch||A comma-separated list of IP/mask values.
If Firewall default state is set to 0 (off), then Firewall force watch specifies the network address or mask of the IP addresses that you want the firewall to watch, overriding the default.
|Firewall force unwatch||A comma-separated list of IP/mask values.
If Firewall default state is set to 1 (on), then Firewall force unwatch specifies the network address or mask of the IP addresses that you want the firewall to ignore, overriding the default.