R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101
70
results matching the search conditions. Click Reset in the Operation column to clear the packets statistics
of the related interzone policy and at this time the system starts to perform statistics again.
Figure 71 Statistics of an interzone policy
Table 25 Field description
Item Descri
p
tion
Permitted Packets
Number of packets that match the interzone policy and are forwarded
during the statistics time
Denied Packets
Number of packets that match the interzone policy and are dropped
during the statistics time
Start Time Start time of the statistics.
End Time End time of the statistics.
Querying policies by IP address
Select Firewall > Security Policy > Policy Inverse Query from the navigation tree to enter the page as
shown in Figure 72.
Type the IP address in the field, select whether you want to query by source or
destination IP address from the list, and then click Search. The page displays the policies with the source
or destination IP address.
Figure 72 Query policies by IP address
TIP:
Clicking the Configure Interzone Policy link goes to the interzone policy rule list page. You can also selec
t
Firewall > Security Policy > Interzone Policy from the navigation tree to enter the page.
Interzone policy configuration examples
Network requirements
• As shown in Figure 73, Firewall connects the corporate network to the Internet. The corporate
network belongs to zone Trust, and the external network belongs to zone Untrust.
• Configure an interzone policy, allowing internal host Public to access the external network at any
time and denying all the other internal hosts' access to the external network during working hours
(from 8:00 to 18:00) on working days (from Monday through Friday).