![Planet SG-500 Инструкция по эксплуатации онлайн [45/319] 66178](/img/pdf.png)
Planet SG-500 Инструкция по эксплуатации онлайн [45/319] 66178
![Planet SG-500 Инструкция по эксплуатации онлайн [45/319] 66178](/views2/1071674/page45/bg2d.png)
SG-500 VPN Security Gateway User’s Manual
- 40 -
DMZ:
The Administrator uses the DMZ Interface to set up the DMZ network.
The DMZ includes:
NAT Mode:In this mode, the DMZ is an independent virtual subnet. This virtual subnet
can be set by the Administrator but cannot be the same as LAN Interface.
Transparent Mode: In this mode, the DMZ and WAN Interface are in the same subnet.
Содержание
- User s manual 1
- Vpn security gateway sg 500 1
- Ce mark warning 2
- Copyright 2
- Disclaimer 2
- Federal communication commission interference statement 2
- Trademarks 2
- Fcc caution 3
- R tte compliance statement 3
- Revision 3
- Safety 3
- Chapter 1 introduction 1 4
- Chapter 2 system 4 4
- Chapter 3 interface 38 4
- Chapter 4 policy object 50 4
- Table of contents 4
- Chapter 5 policy 223 5
- Chapter 6 web vpn ssl vpn 247 5
- Chapter 7 anomaly flow ip 260 5
- Chapter 8 monitor 271 5
- Chapter 1 introduction 6
- Features 6
- Package contents 7
- Vpn security gateway rear panel 7
- Vpn security gateway top view 7
- Specification 8
- Administration 9
- Chapter 2 system 9
- System is the managing of settings such as the privileges of packets that pass through the sg 500 and monitoring controls the system administrators can manage monitor and configure sg 500 settings but all configurations are read only for all users other than the system administrator those users are not able to change any setting of the sg 500 9
- Admin define the required fields of administrator 10
- Adding a new sub administrator 11
- Modify the administrator s password 12
- Permitted ips 13
- Logout 14
- Software update 15
- Configure 16
- The configure is according to the basic setting of the sg 500 in this section the definition is setting date time multiple subnet route table dhcp dynamic dns hosts table and language settings 16
- Settings 17
- Define the required fields of time settings 18
- Define the required fields of multiple subnet 19
- Define the required fields of ddns 21
- Define the required fields of dhcp 21
- Define the required fields of host table 21
- System settings exporting 22
- System settings importing 23
- Enabling e mail alert notification 24
- Restoring factory default settings 24
- Reboot sg 500 26
- Date time 27
- Multiple subnet 28
- Adding multiple subnet 29
- Route table 33
- To connect two different subnet router with the sg 500 and makes them to connect to internet through sg 500 33
- Dhcp web ui 38
- Occasion when the system administrator starts authentication the users first dns server must be the 38
- Same as lan interface ip in order to enter authentication web ui 38
- When selecting automatically get dns the dns server will lock it as lan interface ip using 38
- Host table 41
- Language 42
- Chapter 3 interface 43
- Interface 44
- Interface define the required fields of interface 44
- Dynamic ip address connection 52
- Dmz setting dmz interface address nat mode 53
- Setting dmz interface address transparent mode 54
- Address 55
- Chapter 4 policy object 55
- Define the required fields of address 56
- Example 58
- Example under dhcp situation assign the specific ip to static users and restrict them to access ftp net service only through policy 58
- Setup a policy that only allows partial users to connect with specific ip external specific ip 61
- Step 1 setting several lan network address 61
- Service 65
- Define the required fields of service 66
- Custom 68
- Custom allow external user to communicate with internal user by voip through policy voip port tcp 1720 tcp 15328 15333 udp 15328 15333 68
- Setting service group and restrict the specific users only can access to service setting service group and restrict the specific users only can access to service resource that provided by this group through policy group http pop3 smtp dns 72
- Complete the setting of adding service group 73
- Schedule 75
- To configure the valid time periods for lan users to access to internet in a day 76
- The flow after using qos max bandwidth 400kbps guaranteed bandwidth 200kbps 79
- Define the required fields of qos 80
- Example 82
- Example setting a policy that can restrict the user s downstream and upstream bandwidth 82
- Authentication 84
- By configuring the authentication you can control the user s connection authority the user has to pass the authentication to access to internet the sg 500 configures the authentication of lan s user by setting account and password to identify the privilege 84
- Define the required fields of authentication 85
- Connecting to the appointed website after authentication 87
- If the users ask for authentication positively they can enter the lan ip by the authentication port 87
- It will connect to the appointed website after passing authentication 87
- Number and then the authentication web ui will be displayed 87
- Example 90
- Example setting specific users to connect with external network only those pass the authentication of policy adopt the built in auth user and auth group function 90
- Content blocking 94
- Define the required fields of content blocking 95
- Url blocking 98
- Url restrict the internal users only can access to some specific web site 98
- Restrict the internal users to access to script file of website restrict the internal users to access to script file of website 101
- Script 101
- Restrict the internal users to access to the file on internet by p2p restrict the internal users to access to the file on internet by p2p 103
- Restrict the internal users to send message files video and audio by instant restrict the internal users to send message files video and audio by instant messaging 105
- Download 107
- Download restrict the internal users to access to video audio and some specific sub name file from http or ftp protocol directly 107
- Virtual server 109
- Define the required fields of virtual server 111
- Example 113
- Example make a single server that provides several services such as ftp web and mail to provide service by policy 113
- A single server that provides several services by mapped ip 115
- Step 7 complete the setting of providing several services by mapped ip 115
- Make several servers that provide a single service to provide service through policy by virtual server take web service for example 116
- Step 1 setting several servers that provide web service in lan network which ip address is 192 68 01 192 68 02 192 68 03 and 192 68 04 116
- The external user use voip to connect with voip of lan voip port tcp 1720 tcp 153210 15333 udp 153210 15333 119
- Make several servers that provide several same services to provide service through policy by virtual server take http pop3 smtp and dns group for example 123
- How to use the vpn 127
- Ipsec vpn 127
- Example to access the static subnet resources via the ipsec vpn connection between two sg 500 appliances 131
- Vpn test environment 131
- The default gateway of company a is the sg 500 lan ip 192 68 0 follow the steps 132
- The default gateway of company b is the lan ip of the sg 500 192 68 0 follow the steps below 138
- Example 144
- Test environment 144
- The deployment 144
- The way to set the sg 500 appliance ipsec vpn connection in windows 2000 144
- Following settings 145
- The a company s default gateway is the lan ip 192 68 0 in the sg 500 add the 145
- The b company s real ip is 211 2 2 2 add the following settings 151
- Example 202
- Test environment 202
- The way to set the ipsec vpn connection between two sg 500 appliances aggressive mode the ipsec algorithm 3des encryption md5 authentication 202
- Settings 203
- The a company s default gateway is the sg 500 lan ip 192 68 0 make the following 203
- Settings 209
- The b company s default gateway is the sg 500 s lan ip 192 68 0 add the following 209
- Example 215
- Test environment 215
- The deployment 215
- The way to set the ipsec vpn connection between two sg 500 appliances the gre packets the ipsec algorithm 3des encryption md5 authentication 215
- The a company s default gateway is the lan ip 192 68 0 in sg 500 216
- The b company s default gateway is the lan ip 192 68 0 of sg 500 add the following settings 222
- Chapter 5 policy 228
- Define the required fields of policy define the required fields of policy 230
- Policy 230
- Example 234
- Example set up the policy that can monitor the internal users take logging statistics and alarm threshold for example 234
- 231 231 236
- Sg 500 vpn security gateway user s manual 236
- Statistics web ui 236
- Step 4 to display the traffic record that through policy to access to internet in policy statistics of statistics function 236
- Forbid the users to access to specific network take specific wan ip and content blocking for example 237
- Download blocking setting 238
- Only allow the users who pass authentication to access to internet in particular time 242
- The external user control the internal pc through remote control software take pc anywhere for example 244
- Set a ftp server under dmz nat mode and restrict the download bandwidth from external and max concurrent sessions 246
- Set a mail server to allow the internal and external users to receive and send e mail under dmz transparent mode 248
- As a result of the internet universal application the demand which the enterprise security about remote login also grows day by day the most convenient security solution to user is nothing better than in ssl vpn the user does not need to install any software or the hardware and just use standard browser to transmit data through ssl safe encryption agreement 252
- Chapter 6 web vpn ssl vpn 252
- Define the required fields of setting 253
- Define the required fields of vpn 253
- Define the required fields of status 254
- Settings 255
- Settings setting web vpn ssl vpn connection between external client and sg 500 255
- Chapter 7 anomaly flow ip 265
- When the sg 500 received the intrusion packets from hackers the internal pc will block this abnormal packets in it to prevent the company s network be paralyzed in this chapter we will make the introduction and settings of anomaly flow ip 265
- Settings 266
- To alert and block the external or internal anomalous data packets 270
- Can add non detected ip and these ip will not controlled by this function 271
- The setting of anomaly flow ip and dos anti attack 271
- Send the netbios alert notification to the mis engineer 273
- Chapter 8 monitor 276
- Traffic log 278
- Traffic log to detect the information and protocol port that users use to access to internet or intranet by sg 500 278
- Event log 283
- Event log to record the detailed management events such as interface and event description of sg 500 of the administrator 283
- Connection log 286
- Connection log to detect event description of wan connection 286
- Log backup 289
- Log backup to save or receive the records that sent by the sg 500 289
- Accounting report 291
- Define the required fields of accounting report 292
- Outbound 294
- Outbound source ip statistics report 295
- Outbound destination ip statistics report 297
- Inbound 300
- Inbound top users statistics report 301
- Inbound destination ip statistics report 303
- According to the downstream upstream report of the selected top numbering to draw the protocol distribution chart 305
- Statistics 306
- Define the required fields of statistics 307
- Policy 310
- In this section we will make the introduction of wake on lan 312
- Software such as vnc terminal service and pc anywhere 312
- The mis engineers can use the sg 500 appliance to start up the internal pcs by sending packets 312
- Wake on lan 312
- Which included the network bootable network adapter and can additionally use the remote monitor 312
- Remote monitor the internal pc 313
- Status 314
- Interface 315
- Interface status 316
- Authentication 317
- Arp table 318
- Dhcp clients 319
Похожие устройства
- HP Pavilion g7-2003er Инструкция по эксплуатации
- Singer CURVY 8770 Инструкция по эксплуатации
- HP Pavilion dv6-7060er Инструкция по эксплуатации
- Planet IM-1000 Инструкция по эксплуатации
- Singer TALENT 3221 Инструкция по эксплуатации
- Alienware x51-4897 Инструкция по эксплуатации
- Planet MH-2001 Инструкция по эксплуатации
- Singer HEAVY DUTY 4411 Инструкция по эксплуатации
- Alienware x51-4903 Инструкция по эксплуатации
- Planet CS-1000 Инструкция по эксплуатации
- Singer BRILLIANCE 6160 Инструкция по эксплуатации
- Planet CS-2000 Инструкция по эксплуатации
- Alienware x51-4910 Инструкция по эксплуатации
- Singer FASHION MATE 7256 Инструкция по эксплуатации
- Planet DKVM-1700 Инструкция по эксплуатации
- HP Omni 27-1000er H1F63EA Инструкция по эксплуатации
- Singer LIMITED EDITION 160 Инструкция по эксплуатации
- Planet IKVM-8000 Инструкция по эксплуатации
- Samsung S24B300BL Инструкция по эксплуатации
- Singer PROMISE 1408 Инструкция по эксплуатации
Скачать
Случайные обсуждения