3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

CHAPTER 7: FIREWALL CONFIGURATION
Four security zones are predefined in the system: Local, Trust, Untrust and DMZ.
You cannot remove these security zones.
Adding an interface to a security zone
Perform the following configuration in zone view.
By default, all interfaces belong to the Trust zone.
An interface can belong to only one security zone. If an interface already belongs
to a security zone, you must remove it from that zone before adding it to another
security zone.
CAUTION: For the firewall to interwork with other devices, the
corresponding interfaces should be added to a security zone.
Setting the priority value for a security zone
You can set a priority value for a security zone. A larger priority value means
higher security.
Perform the following configuration in zone view.
By default, the priority value is 100 for the Local zone, 85 for the Trust zone,
5 for the Untrust zone, and 50 for the DMZ zone. You cannot change these
priority values.
Table 108 Create security zone

Operation                                      Command
Create a security zone                         firewall zone name zonename
Delete the security zone                       undo firewall zone name zonename

Table 109 Add interface into security zone

Operation                                      Command
Add an interface into the security zone        add interface interface-type interface-number
Remove the interface from the security zone    undo add interface interface-type interface-number

Table 110 Set priority value for security zone

Operation                                      Command
Set priority value for the security zone       set priority number
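
The zone membership and priority rules above can be checked against a planned change before it is typed into the device. The following Python checker is an added example, not part of the 3Com guide; check_plan, the (zone view, command) pairing used to model which view a command is entered in, and the interface names are assumptions made for the illustration.

```python
PREDEFINED = {"Local": 100, "Trust": 85, "Untrust": 5, "DMZ": 50}  # fixed, per the guide

def check_plan(plan, interfaces):
    """plan: [(zone_view or None, command)]. Returns (problems, membership)."""
    zones, problems = dict(PREDEFINED), []
    member = {i: "Trust" for i in interfaces}  # default zone, per the guide
    for step, (view, cmd) in enumerate(plan, 1):
        words = cmd.split()
        undo = words[:1] == ["undo"]
        words = words[1:] if undo else words
        if words[:3] == ["firewall", "zone", "name"] and len(words) == 4:
            name = words[3]
            if undo and name in PREDEFINED:
                problems.append((step, f"{name} is predefined and cannot be removed"))
            elif undo:
                zones.pop(name, None)
            else:
                zones.setdefault(name, None)  # user zone, no priority set yet
        elif view not in zones:
            problems.append((step, f"zone view {view} does not exist"))
        elif words[:2] == ["add", "interface"] and len(words) == 4:
            iface = " ".join(words[2:])
            current = member.get(iface)
            if undo and current == view:
                del member[iface]
            elif undo:
                problems.append((step, f"{iface} is not in {view}"))
            elif current not in (None, view):
                problems.append((step, f"{iface} is still in {current}; remove it first"))
            else:
                member[iface] = view
        elif not undo and len(words) == 3 and words[:2] == ["set", "priority"] and words[2].isdigit():
            if view in PREDEFINED:
                problems.append((step, f"priority of {view} cannot be changed"))
            else:
                zones[view] = int(words[2])
        else:
            problems.append((step, f"unrecognised command: {cmd}"))
    return problems, member

# Constructed sample input (interface names are illustrative).
SAMPLE_INTERFACES = ["GigabitEthernet 2/1/1", "GigabitEthernet 2/1/2"]
SAMPLE_PLAN = [
    ("DMZ", "add interface GigabitEthernet 2/1/1"),         # still in Trust
    ("Trust", "undo add interface GigabitEthernet 2/1/1"),
    ("DMZ", "add interface GigabitEthernet 2/1/1"),
    ("Trust", "set priority 90"),                           # predefined priority
    (None, "undo firewall zone name Untrust"),              # predefined zone
]
```

Calling check_plan(SAMPLE_PLAN, SAMPLE_INTERFACES) reports steps 1, 4 and 5 and leaves GigabitEthernet 2/1/1 in DMZ.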