3Com 3CR990 Quick Start Manual - Page 14
Browse online or download pdf Quick Start Manual for Network Card 3Com 3CR990. 3Com 3CR990 18 pages. Software for the 3cr990 network interface card (nic) family embedded firewall
Print Page
Quick Start Guide
To create the "No IP Initiation" policy, follow the steps below.
1 In the Management Console Main menu, select New -> Policy. The Create
a New Policy window appears.
2 Type No IP Initiation in the Policy field and click OK. The new policy
information appears in the working frame.
3 Select the following policy-setting check boxes:
No Sniffing
I
No Spoofing, No Routing
I
Allow non-IP Traffic
I
Allow Fragmented IP Packets
I
Allow IP Options
I
4 Select Allow All Traffic in the Fallback Mode drop-down list. A fallback
policy is used by a NIC if it is unable to reach the Policy Server on boot-up.
5 Type a description of the policy in the Description field, if desired. This field
is optional and exists solely to assist an administrator in assigning policies.
You can include information about what the policy does, or when to use
it (for example, the bulleted information provided at the beginning of
this section).
6 The access control list (ACL) initially contains only the default rule. Add the
Windows 2000 Standard rule set as follows:
a In the Policy menu, select Rule Set (or click the
Manager window appears.
b Click on the Windows 2000 Standard Rule Set (that you imported in
step 4 on page 9) to select it, and then click Add To Policy.
c Click Close. The rule set should appear in the ACL.
7 Create a "Deny outbound TCP SYN" rule as follows:
a In the Policy menu, select Add Rule (or click the
appears in the ACL.
b Click in the Rule Name cell, and type Deny outbound TCP SYN.
c Click in the Action cell, and select Deny from the drop-down list.
d Click in the Source IP Address cell, and select EFW Device IP from the
drop-down list.
e Click in the IP Protocol cell, and select tcp (6) init from the
drop-down list.
10
icon). The Rule Set
icon). A new rule