78
Adding a DMZ To External Policy:
Step 1:
Click the New Entry button and the Add New Policy window will appear.
Step 2:
Source Address:
Select the name of the DMZ network from the drop down
list. The drop down list will contain names of DMZ networks defined in
DMZ
section of the
Address
menu. To add a new source address, please go to the
DMZ
section under the
Address
menu.
Destination Address:
Select the name of the external network from the drop
down list. The drop down list lists names of addresses defined in
External
section of the
Address
menu. To add a new destination address, please go to
External
section of the
Address
menu.
Service:
Select a service from drop down list. The drop down list will contain
services defined in the
Custom
or
Group
section under the
Service
menu.
These are services/application that are allowed to pass from the DMZl network
to the External network. Choose ANY for all services. To add or modify these
services, please go to the
Service
menu.
Action:
Select Permit or Deny from the drop down list to allow or reject the
packets travelling from the specified DMZ network to the external network.
Logging:
Select Enable to enable flow monitoring.
Statistics:
Click Enable to enable flow statistics.
Alarm Threshold:
set a maximum flow rate (in Kbytes/Sec). An alarm will be
sent if the flow rate exceeds the specified value.
Step 3:
Click
OK
to add new policy or click
Cancel
to cancel adding.