D-Link DFL-800 [329/552] Smtp log receiver for idp events chapter 6 security mechanisms

D-Link DFL-800 [329/552] Smtp log receiver for idp events chapter 6 security mechanisms
SMTP Server: smtp-server
Server Port: 25
Specify alternative email addresses (up to 3)
Sender: hostmaster
Subject: Log event from NetDefendOS
Minimum Repeat Delay: 600
Hold Time: 120
Log Threshold: 2
Click OK
IDP Rules:
1. Go to IDP > IDP Rules
2. Select a rule and choose Edit
3. Select the action you wish to log and choose Edit
4. Check the Enable logging checkbox in the Log Settings tab
5. Click OK
Example 6.21. Setting up IDP for a Mail Server
The following example details the steps needed to set up IDP for a simple scenario where a mail server is
exposed to the Internet on the DMZ network with a public IP address. The public Internet can be reached through
the firewall on the WAN interface as illustrated below.
An IDP rule called IDPMailSrvRule will be created, and the Service to use is the SMTP service. Source Interface
and Source Network defines where traffic is coming from, in this example the external network. The Destination
Interface and Destination Network define where traffic is directed to, in this case the mail server. Destination
Network should therefore be set to the object defining the mail server.
Command-Line Interface
Create an IDP Rule:
gw-world:/> add IDPRule Service=smtp SourceInterface=wan
6.5.8. SMTP Log Receiver for IDP
Events
Chapter 6. Security Mechanisms
329

Содержание

Скачать