MSM7xx Controllers Configuration Guide v6.4.0
Customizing the firewall
To customize the firewall, you define one or more rules. A rule lets you target a specific type of
data traffic. If the controller finds data traffic that matches the rule, the rule is triggered, and the
traffic is rejected or accepted by the firewall.
To add a rule, select Custom Firewall on page Controller >> Security > Firewall, select Edit, and
then select Add New Rule.
Rules operate on IP datagrams (sometimes called packets). Datagrams are the individual packages
of data that travel on an IP network. Each datagram contains addressing and control information
along with the data it is transporting. The firewall analyses the addressing and control information
to apply the rules you define.
The controller applies the firewall rules in the order that they appear in the list. An intelligent
mechanism automatically adds the new rules to the list based on their scope. Rules that target a
large amount of data are added at the bottom. Rules that target specific datagram attributes are
added at the top.
Managing certificates
Digital certificates are electronic documents that are used to validate the end parties or entities
involved in data transfer. These certificates are normally associated with X.509 public key certificates
and are used to bind a public key to a recognized party for a specific time period.
The certificate stores provide a repository for managing all certificates (except for those used by
IPSec and NOC authentication). To view the certificate stores, select Controller >> Security >
Certificate stores.
376 Security