Manualshelf

User`s manual

ManualsBrandsAsus ManualsComputer equipmentInternet Security Router
81828384858687888990
Internet Security Router Users Manual Chapter 9. Configuring Firewall/NAT Settings
67
NAT Pools This option allows you to configure NAT Pools that will ensure mapping of the internal IP
address to public IP address. Configure NAT Pools here before attaching them to policies.
Time Ranges This option allows you to configure time-windows for user-access to the networks
across the Internet Security Router.
9.7.1 Configuring Application Filter
Application filter allows network administrator to block, monitor, and report on network users access to non-
business and objectionable content. This high-performance content access control results in increased
productivity, lower bandwidth usage and reduced legal liability.
The Internet Security Router has the ability to handle active content filtering on certain application protocols
such as HTTP, FTP, SMTP and RPC.
HTTP You can define HTTP extension based filtering schemes for blocking
ActiveX *.ocx
Java Archive *.jar
Java Applets *.class
Microsoft Archives *.msar
Other URLs based on file extensions.
FTP allows you to define and enforce the file transfer policy for the site or group of users
SMTP allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information
about the recipient.
RPC allows you to filter programs based on the assigned RPC program numbers.
9.7.1.1 Application Filter Configuration Parameters
Table 9.7 describes the configuration parameters available for application filter.
Table 9.7. Application Filter Configuration Parameters
Field Description
Filter Type
Select the type of filter: FTP, HTTP, RPC and SMTP.
Filter Name
Enter a name for the filter.
Protocol
Select the protocol that Application Filter uses (TCP/UDP).
Port
Enter the port number that the Application Filter uses.
Log
This option includes buttons to enable and disable logging for this Application Filter.
Enable Select this option to enable logging for this application filter.
Disable Select this option to disable logging for this application filter.
Action
Allow Select this option to configure the rule as an allow rule. This rule when
bound to the Firewall will allow matching packets to pass through.
Deny Select this option to configure the rule as a deny rule. This rule when
bound to the Firewall will not allow matching packets to pass through.
Filter Commands
This section allows you to enter a command for the respective application. The list of supported
commands per application is as follows:
FTP Commands
Add the following command to an FTP filter to: