
Cyberoam

Cyberoam - Unified Threat Management

Firewall

Agenda:
Access Control (Local ACL)
IP Management
Firewall Management
Default Firewall Rules
Outbound NAT (Source NAT)
Inbound NAT (Virtual Host)
Denial of Service (DoS)
Cyberoam Unified Threat Control under Firewall


Access Control (Local ACL)

Firewall > Local ACL

If the LAN has multiple subnets, add those networks to Auth Networks if you want hosts on them to be able to authenticate with Cyberoam.


IP Management

Select System > Configure > Network > Manage Interface to view the port-wise network (physical interface) and zone details. If virtual sub-interfaces are configured for a VLAN implementation, they are nested and displayed beneath the physical interface.

Interface - Physical interfaces/ports available on Cyberoam. If a virtual sub-interface is configured for a physical interface, it is also displayed beneath that interface. Virtual sub-interface configuration can be updated or deleted.


Firewall Management


Zone Management: Cyberoam Zone Types

LAN   : The internal and most secure zone.
WAN   : The external, no-control and non-reliable zone.
DMZ   : The secured, publicly accessible server zone.
Local : All ports of the Cyberoam appliance fall in this zone.
VPN   : The only zone that does not have an assigned physical port/interface.


Zone Management: Create Zone

Select System > Zone > Create to open the create page


Service Management

Cyberoam provides several standard services and allows creating:
Customized service definitions
Firewall rules for customized service definitions

Define Custom Service

Select Firewall > Services > Create to open the create page


Firewall rule management actions: Schedule, Deactivate, Enable/Disable Rule, Edit, Insert, Delete, Move


Default Firewall Rules

Cyberoam creates two default firewall rules when it is first deployed, in either of the two operational modes. These rules depend on the operational mode and on the Default Internet Access Policy chosen while running the network configuration wizard. The default rules can be edited by the administrator but cannot be deleted.


Cyberoam Default Rule ID # 2


Cyberoam Default Rule ID # 1


L2 Firewall support

In Cyberoam the MAC (Media Access Control) address is a decision parameter for firewall policies, alongside identity and IP address.

All normal firewall policies (IAP, AV, IPS, bandwidth policy, etc.) can be applied to a MAC-based firewall rule.
Example: for a server that runs on a dynamic IP address, create a firewall rule that allows the server through the firewall by its MAC address.


Create firewall rule based on MAC address


Create a MAC-based host for the dynamic web server

Now create the MAC-based firewall rule
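The MAC-based rule described on these slides, as an added example that is not Cyberoam's own code: a small first-match rule evaluator in Python in which a host object is either IP-based or MAC-based, so a DHCP-addressed server keeps matching after its lease changes, while the same rule built on an IP host stops matching. The class and function names (Packet, Host, Rule, evaluate), the addresses, the user name and the MAC value are constructed for the illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Added illustration of the decision parameters the slides name (zone, IP address,
# MAC address, identity). Not Cyberoam's code: the model and all values are assumed.

@dataclass(frozen=True)
class Packet:
    src_zone: str
    dst_zone: str
    src_ip: str
    src_mac: str
    dst_ip: str
    dst_port: int
    proto: str = "tcp"
    user: Optional[str] = None   # identity, present only if the source authenticated

@dataclass(frozen=True)
class Host:
    """Host object: IP-based, or MAC-based (a 'MAC host') when mac is set."""
    name: str
    ip: Optional[str] = None
    mac: Optional[str] = None

    def matches(self, pkt: Packet) -> bool:
        if self.mac is not None:
            return pkt.src_mac.lower() == self.mac.lower()
        return pkt.src_ip == self.ip

@dataclass(frozen=True)
class Rule:
    rule_id: int
    src_zone: str
    dst_zone: str
    action: str                                # "accept" or "drop"
    src_host: Optional[Host] = None            # None = any source host
    service: Optional[Tuple[str, int]] = None  # (proto, port); None = all services
    user: Optional[str] = None                 # None = no identity condition

    def matches(self, pkt: Packet) -> bool:
        if (pkt.src_zone, pkt.dst_zone) != (self.src_zone, self.dst_zone):
            return False
        if self.src_host is not None and not self.src_host.matches(pkt):
            return False
        if self.service is not None and self.service != (pkt.proto, pkt.dst_port):
            return False
        if self.user is not None and pkt.user != self.user:
            return False
        return True

def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[int, str]:
    """Walk the ordered rule table top to bottom and return the first match.
    Order matters, which is what the Insert and Move actions in the table are for."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.rule_id, rule.action
    return 0, "drop"   # nothing matched: treated as denied

WEB_SERVER_MAC = "00:1a:2b:3c:4d:5e"   # constructed value

def example_rules(mac_based: bool = True) -> List[Rule]:
    """Constructed LAN-to-WAN table: rule 10 allows the web server out on 443 using
    either a MAC host or an IP host, rule 20 is identity-based, rule 99 is a catch-all."""
    if mac_based:
        host = Host("web-srv-mac", mac=WEB_SERVER_MAC)
    else:
        host = Host("web-srv-ip", ip="192.168.1.50")   # the lease the server had at setup
    return [
        Rule(10, "LAN", "WAN", "accept", src_host=host, service=("tcp", 443)),
        Rule(20, "LAN", "WAN", "accept", user="jdoe"),
        Rule(99, "LAN", "WAN", "drop"),
    ]

def server_packet(current_ip: str) -> Packet:
    """HTTPS request from the web server, whose DHCP address may have changed."""
    return Packet("LAN", "WAN", current_ip, WEB_SERVER_MAC, "203.0.113.10", 443)

if __name__ == "__main__":
    for ip in ("192.168.1.50", "192.168.1.77"):
        print(ip, "MAC host:", evaluate(example_rules(True), server_packet(ip)),
              "IP host:", evaluate(example_rules(False), server_packet(ip)))
```

Two caveats a practitioner would add to the slide: the source MAC is only meaningful for hosts on a directly attached segment (traffic arriving through another router carries that router's MAC), and MAC addresses are trivially spoofed, so a MAC rule is a convenience for dynamic addressing, not a form of authentication; identity-based rules are the stronger control.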


Outbound NAT (Source NAT)

What is NAT
Cyberoam has a predefined NAT policy called MASQ that NATs outgoing traffic to the IP address of the outgoing port. Use a custom NAT policy when you want to map specific outbound traffic to a specific IP or IP range. Cyberoam allows you to create a NAT policy, which is then bound to a firewall rule.

Example: a mail server is configured in the DMZ zone with a private IP address, and traffic generated by the mail server should leave with a specific public IP, i.e. 154.146.25.36.


Create NAT Policy

Firewall > NAT Policy > Create


Create a firewall rule to include the NAT policy

Firewall > Create Firewall Rule


Inbound NAT (Virtual Host)

A Virtual Host is required to make internal resources, such as a web server or mail server configured in the LAN or DMZ zone, available to the Internet. A Virtual Host maps services of a public IP address to services of a host in the private network; in other words, it is a mapping of a public IP address to an internal IP address. The virtual host is used as the destination address in the firewall rule that grants access to the LAN or DMZ server. A Virtual Host is an object in which some or all services of a public IP address are mapped to some or all services on an internal host.

Example: a web server is configured in the LAN zone with 192.168.1.157. Internet users access www.abc.com, which resolves to 154.146.25.37. Let's see how to make the web server available on the Internet.


Create Virtual Host

Firewall > Virtual Host > Create Virtual Host


Create Firewall rule to include the Virtual Host


Loopback Firewall rule

Once the virtual host is created successfully, Cyberoam automatically creates a loopback firewall rule for the zone of the mapped IP address. The loopback firewall rule is created for the service specified in the virtual host; if port forwarding is not enabled in the virtual host, a rule with All Services is created.

Loopback rules allow internal users to access internal resources using the public (external) IP or FQDN.
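The three NAT cases from the Outbound NAT, Virtual Host and Loopback slides, as an added Python model that is not Cyberoam's code: a NAT policy (the predefined MASQ plus a custom one for the mail server) applied to an outbound flow, a Virtual Host translating the public 154.146.25.37 to 192.168.1.157 for Internet clients, and the loopback case of a LAN client reaching the same public address. The WAN and LAN port addresses, the client addresses, the session table and the name NatEngine are assumptions; so is the extra source rewrite on the loopback flow, which is the general hairpin-NAT requirement for the server's reply to return through the firewall, not something the slides state about the appliance.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple

# Added model of source NAT, Virtual Host (destination NAT) and loopback.
# Not Cyberoam's code; interface addresses and the session table are assumed.

@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass(frozen=True)
class VirtualHost:
    external_ip: str
    internal_ip: str
    zone: str                             # zone of the mapped internal IP
    external_port: Optional[int] = None   # None = all services (no port forwarding)
    internal_port: Optional[int] = None

class NatEngine:
    def __init__(self, wan_ip: str, lan_ip: str,
                 nat_policies: Dict[str, str], vhosts: Iterable[VirtualHost]):
        self.lan_ip = lan_ip
        # Predefined MASQ policy: translate to the IP address of the outgoing port.
        self.nat_policies = {"MASQ": wan_ip, **nat_policies}
        self.vhosts = list(vhosts)
        # reply key (src_ip, src_port, dst_ip, dst_port as the reply will carry them)
        # -> original forward flow, so replies can be untranslated
        self.sessions: Dict[Tuple[str, int, str, int], Flow] = {}

    def _record(self, translated: Flow, original: Flow) -> Flow:
        key = (translated.dst_ip, translated.dst_port, translated.src_ip, translated.src_port)
        self.sessions[key] = original
        return translated

    def outbound(self, flow: Flow, nat_policy: str) -> Flow:
        """Source NAT for a flow whose firewall rule is bound to nat_policy."""
        public_ip = self.nat_policies[nat_policy]
        return self._record(Flow(public_ip, flow.src_port, flow.dst_ip, flow.dst_port), flow)

    def inbound(self, flow: Flow, src_zone: str) -> Optional[Flow]:
        """Destination NAT through a Virtual Host; None when no virtual host matches."""
        for vh in self.vhosts:
            if vh.external_ip == flow.dst_ip and vh.external_port in (None, flow.dst_port):
                break
        else:
            return None
        dport = vh.internal_port if vh.internal_port is not None else flow.dst_port
        if src_zone == vh.zone:
            # Loopback case: client and server are in the same zone. The source is also
            # rewritten to the firewall's address in that zone so the server's reply goes
            # back through the firewall rather than directly to the client (assumed
            # general hairpin-NAT behaviour; the slide only says the rule is auto-created).
            translated = Flow(self.lan_ip, flow.src_port, vh.internal_ip, dport)
        else:
            translated = Flow(flow.src_ip, flow.src_port, vh.internal_ip, dport)
        return self._record(translated, flow)

    def reply(self, flow: Flow) -> Optional[Flow]:
        """Untranslate a reply packet using the session table; None if unknown."""
        original = self.sessions.get((flow.src_ip, flow.src_port, flow.dst_ip, flow.dst_port))
        if original is None:
            return None
        return Flow(original.dst_ip, original.dst_port, original.src_ip, original.src_port)

def example_engine() -> NatEngine:
    """Constructed setup using the slides' addresses: the DMZ mail server leaves as
    154.146.25.36 and 154.146.25.37:80 is forwarded to the LAN web server."""
    return NatEngine(
        wan_ip="154.146.25.35",      # assumed address of the WAN port (used by MASQ)
        lan_ip="192.168.1.1",        # assumed address of the LAN port
        nat_policies={"MailServer-SNAT": "154.146.25.36"},
        vhosts=[VirtualHost("154.146.25.37", "192.168.1.157", "LAN", 80, 80)],
    )

if __name__ == "__main__":
    e = example_engine()
    print(e.outbound(Flow("10.10.10.25", 40000, "203.0.113.9", 25), "MailServer-SNAT"))
    print(e.inbound(Flow("198.51.100.7", 51000, "154.146.25.37", 80), "WAN"))
    print(e.inbound(Flow("192.168.1.20", 52000, "154.146.25.37", 80), "LAN"))
```

The loopback case is the one worth tracing by hand: without the second rewrite, 192.168.1.157 would see 192.168.1.20 as the client and answer it directly on the LAN, and the client would receive a reply from 192.168.1.157 for a connection it opened to 154.146.25.37 and discard it. Publishing a split-horizon DNS answer for www.abc.com (internal clients resolve it to 192.168.1.157) avoids the hairpin altogether and is the usual alternative.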


Denial of Service

What is Denial of Service?
How does Denial of Service happen?
Effects of Denial of Service


Types of Denial of Service Attacks

SYN Flood
UDP Flood
TCP Flood
ICMP Flood


DoS protection Settings

Sizing the thresholds: how many connections does each LAN host generate (take an average)? Multiply that by the number of hosts in your network.
Destination-based checking of DoS attacks should be disabled unless you suspect that a host inside your network is generating a DoS attack.
Turn off checking for TCP flood unless specifically instructed by Cyberoam Support staff.
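The sizing rule and the source-versus-destination distinction on this slide, as an added Python example that is not Cyberoam's code: a per-second sliding-window counter per (source, packet kind), with destination-based checking off by default and TCP flood checking off as the slide advises, run over constructed traffic in which one LAN host sends a SYN burst. The limits, the one-second window, the headroom factor and the sample addresses are assumptions for the illustration.

```python
from collections import defaultdict, deque
from typing import Deque, Dict, List, Optional, Set, Tuple

# Added example (not Cyberoam's code) of the threshold sizing rule and of
# source- versus destination-based flood checking. Limits, window length,
# headroom factor and all traffic below are constructed assumptions.

def connection_threshold(avg_conns_per_host: float, host_count: int, headroom: float = 1.5) -> int:
    """Slide's sizing rule: average connections per LAN host times number of hosts.
    The headroom factor is an added assumption so normal peaks do not trip the check."""
    return int(avg_conns_per_host * host_count * headroom)

Key = Tuple[str, str, str]   # ("src" | "dst", address, packet kind)

class FloodDetector:
    """Counts packets of each kind per source (and optionally per destination)
    in a sliding window and records every key that exceeds its limit."""

    def __init__(self, src_limits: Dict[str, Optional[int]],
                 dst_limits: Optional[Dict[str, Optional[int]]] = None, window: float = 1.0):
        self.src_limits = src_limits
        self.dst_limits = dst_limits or {}   # empty = destination-based checking off
        self.window = window
        self.hits: Dict[Key, Deque[float]] = defaultdict(deque)
        self.flagged: Set[Key] = set()

    def _rate(self, key: Key, ts: float) -> int:
        q = self.hits[key]
        q.append(ts)
        while q and ts - q[0] >= self.window:   # drop timestamps outside the window
            q.popleft()
        return len(q)

    def observe(self, ts: float, src: str, dst: str, kind: str) -> None:
        for side, addr, limits in (("src", src, self.src_limits), ("dst", dst, self.dst_limits)):
            limit = limits.get(kind)
            if limit is None:                   # checking for this kind is turned off
                continue
            if self._rate((side, addr, kind), ts) > limit:
                self.flagged.add((side, addr, kind))

def constructed_traffic() -> List[Tuple[float, str, str, str]]:
    """Constructed sample: five LAN hosts at 10 SYN/s each for two seconds, plus one
    host that sends 300 SYNs and 300 established-TCP packets inside half a second."""
    pkts = []
    for i in range(20):
        for h in range(5):
            pkts.append((i * 0.1, f"192.168.1.{10 + h}", "203.0.113.5", "syn"))
    for i in range(300):
        ts = 1.0 + i * 0.5 / 300
        pkts.append((ts, "192.168.1.99", "203.0.113.5", "syn"))
        pkts.append((ts, "192.168.1.99", "203.0.113.5", "tcp"))
    pkts.sort(key=lambda p: p[0])
    return pkts

def run_sample(destination_checking: bool = False) -> List[Key]:
    """Per-second limits per source; TCP flood checking is off (limit None), as the
    slide advises. Destination-based checking is off unless explicitly enabled."""
    src_limits = {"syn": 50, "udp": 100, "icmp": 20, "tcp": None}
    dst_limits = {"syn": 200, "udp": 400, "icmp": 50, "tcp": None} if destination_checking else None
    det = FloodDetector(src_limits, dst_limits)
    for ts, src, dst, kind in constructed_traffic():
        det.observe(ts, src, dst, kind)
    return sorted(det.flagged)

if __name__ == "__main__":
    print("threshold for 200 hosts at 30 conns each:", connection_threshold(30, 200))
    print("source checking only:", run_sample())
    print("with destination checking:", run_sample(destination_checking=True))
```

Source-based checking isolates the one offending host; destination-based checking only reports that the aggregate toward 203.0.113.5 is high, which is what the slide means by enabling it only when an internal host is suspected. Note that the "tcp" burst from the same host is never reported because that check is off, so a host that has already completed its handshakes is invisible to this detector by design.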


DoS Configuration

Firewall > Denial of Service > DoS Settings


Cyberoam Unified Firewall Controls

Cyberoam's unified firewall controls include:
IPS Policy
Internet Access Policy
Bandwidth Policy
Anti Virus, Anti Spam Scanning
Route through Gateway


Unified Threat Control on Firewall

Unified Threat Control
