User's Manual
Table Of Contents
- WatchGuard® Firebox® X Edge User Guide
- Certifications and Notices
- Declaration of Conformity
- Notice to Users
- WatchGuard Firebox Software
- End-User License Agreement
- Copyright, Trademark, and Patent Information
- Limited Hardware Warranty
- Abbreviations Used in this Guide
- CHAPTER 1 Introduction to Network Security
- CHAPTER 2 Installing the Firebox® X Edge
- CHAPTER 3 Configuration and Management Basics
- CHAPTER 4 Changing Your Network Settings
- Using the Network Setup Wizard
- Configuring the External Network
- Configuring the Trusted Network
- Configuring the Optional Network
- Enabling the optional network
- Changing the IP address of the optional network
- Using DHCP on the optional network
- Setting optional network DHCP address reservations
- Configuring the optional network for DHCP relay
- Using static IP addresses for optional computers
- Adding computers to the optional network
- Requiring encrypted connections
- Making Static Routes
- Viewing Network Statistics
- Registering with the Dynamic DNS Service
- Enabling the WAN Failover Option
- Enabling External Modem Failover
- CHAPTER 5 Setting up the Firebox X Edge Wireless
- CHAPTER 6 Configuring Firewall Settings
- CHAPTER 7 Configuring Logging
- CHAPTER 8 Configuring WebBlocker
- CHAPTER 9 Configuring Virtual Private Networks
- CHAPTER 10 Configuring the MUVPN Client
- CHAPTER 11 Managing the Firebox® X Edge
- Viewing Current Sessions and Users
- About User Authentication
- Adding or Editing a User Account
- About Seat Licenses
- Selecting HTTP or HTTPS for Firebox Management
- Changing the HTTP Server Port
- Setting up VPN Manager Access
- Updating the Firmware
- Activating Upgrade Options
- Enabling the Model Upgrade Option
- Configuring Additional Options
- Viewing the Configuration File
- APPENDIX A Firebox®X Edge Hardware
- Index
User Guide 79
CHAPTER 6 Configuring Firewall
Settings
The Firebox X Edge uses firewall properties to control the flow of traf-
fic between the trusted interface and external interfaces. The firewall
properties you use show how much risk you can accept.
Configuring Incoming and Outgoing Policies
Your network receives incoming traffic and sends outgoing traffic.
Traffic that does not start in your network is incoming traffic. Traffic
that starts in your network is outgoing traffic.
The default configuration of the Firebox X Edge prevents the flow of
traffic from the external interface to the trusted interface. You add
Firebox policies to identify the traffic to transmit between the external
and trusted interfaces.
A Firebox policy is one or more rules that together monitor and control
traffic. These rules set the firewall actions:
• Allow means to permit a data stream or connection through the
Firebox.
• Deny means to stop a data stream or connection from passing
through the Firebox, but a response is sent to the source.
To operate a Web server behind the Firebox X Edge, configure the
HTTP policy to let incoming traffic flow to the IP address of the Web