3Com 3CR990 빠른 시작 매뉴얼 - 페이지 16

{카테고리_이름} 3Com 3CR990에 대한 빠른 시작 매뉴얼을 온라인으로 검색하거나 PDF를 다운로드하세요. 3Com 3CR990 18 페이지. Software for the 3cr990 network interface card (nic) family embedded firewall

페이지 인쇄

Quick Start Guide

Moving the EFW NIC to the New Device Set

Now that you have multiple device sets, you can move the EFW NIC from

the default device set to the No IP Initiation device set that you created in

the previous section by following the steps below.

1 In the Management Console, click the Device Sets tab in the

tree-view frame.

2 Click Default Device Set. This device set contains the EFW NIC that you

added earlier in this guide.

3 In the Device box, highlight the EFW device, and then click Move.

4 A list of alternative device sets appears. Select the Sample device set that

you created in the previous section, and click OK. You will see a feedback

window indicating that the new policy has been distributed to the

embedded ﬁrewall. The EFW device is moved to the new device set and

now enforces the new policy.

Testing Policy Enforcement and Viewing Audit Data

At this point you should have an EFW NIC enforcing the No IP Initiation policy.

To ensure that the policy is functioning as expected, the following steps

attempt to connect to the Internet by initiating the TCP protocol HTTP, which

should be denied by the policy being enforced. You will then view the audit

generated by the failed attempt.

1 On the machine hosting the EFW NIC, attempt to connect to

www.3com.com. If you were denied access to the site, the EFW NIC

is correctly enforcing the "No IP Initiation" policy. If you were able to

connect to the site, go back to the "Creating a Policy" section in this

guide and verify that you correctly set up the policy rules.

2 To view the audit generated by this access attempt using the Management

Console, follow the steps below:

a In the Audit menu, select Audit Browser (or click the

b In the Query menu, select New (or click the

window appears.

c Type All Recent Audit Records in the Query Name ﬁeld.

d In the Rule tab, select the All Devices check box in the For area, and the

All rule matches check box in the Show area.

e In the Policy tab, select the All Policies check box in the For area, and

the All policy events check box in the Show area.

icon).

icon). The Query Editor