User Guide

OmniAccess SafeGuard OS Administration Guide
Chapter 7: Establishing a Security Policy
2 Using your existing corporate security plan and documents for organizing your
role hierarchy, organize your users, servers, and other resources into logical
groups.
As mentioned before, users are organized by role. Resources can also be
organized into network zones, which are collections of nodes and network
segments.
A network zone is an easy way to take all of the resources for a group and name
that entity. For example, define a network zone for the servers for the Finance
organization or for the resources that will be available to unauthenticated users.
3 Determine what applications and what files you want to monitor or block.
4 Define the list of permissions (rules) based on the access criteria.
5 Order the filters within each role by precedence.
System White-Black List
SafeGuard OS allows you to designate a specific MAC address, VLAN, or IP address
(TCP, UDP, or ICMP) as a white-listed or black-listed address.
In addition to permitting or denying access to the network, a system white-black list
disables the following features for specified entries:
Malware detection
Policy
Visualization
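Because a white-listed entry is permitted with malware detection, policy, and visualization disabled, it is worth reviewing a planned list before entering it. The following Python sketch is an added example, not part of the SafeGuard OS documentation or CLI: it checks a constructed inventory for malformed entries, for targets that appear on both lists, and for broad white-list entries. The tuple format, the function names, the review threshold, and the use of CIDR prefixes for IP entries are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed inventory (not SafeGuard OS syntax): (list, entry kind, value).
SAMPLE_ENTRIES = [
    ("white", "mac", "00:1A:2B:3C:4D:5E"),
    ("white", "ip", "10.20.0.0/16"),
    ("white", "vlan", "120"),
    ("black", "ip", "10.20.5.9"),
    ("black", "mac", "00-1a-2b-3c-4d-5e"),
    ("white", "vlan", "5000"),
]
MAC_RE = re.compile(r"^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$")
MAX_WHITE_HOSTS = 256  # assumed review threshold; tune per site

def normalize(kind, value):
    """Return a canonical, comparable form of the entry or raise ValueError."""
    if kind == "mac":
        if not MAC_RE.match(value.lower()):
            raise ValueError("bad MAC")
        return value.lower().replace("-", ":")
    if kind == "vlan":
        vid = int(value)
        if not 1 <= vid <= 4094:
            raise ValueError("VLAN ID out of range")
        return vid
    if kind == "ip":
        return ipaddress.ip_network(value, strict=False)
    raise ValueError("unknown entry kind")

def audit(entries):
    """Return (severity, message) findings in input order: errors, conflicts, broad exemptions."""
    findings, seen = [], []
    for lst, kind, value in entries:
        try:
            target = normalize(kind, value)
        except ValueError as exc:
            findings.append(("error", f"{kind} {value}: {exc}"))
            continue
        for o_lst, o_kind, o_target in seen:
            if o_kind == kind and o_lst != lst and (
                    target.overlaps(o_target) if kind == "ip" else target == o_target):
                findings.append(("conflict", f"{kind} {value} is on both lists"))
        seen.append((lst, kind, target))
        if lst == "white" and kind == "vlan":
            findings.append(("broad", f"vlan {value}: whole VLAN exempt from inspection"))
        if lst == "white" and kind == "ip" and target.num_addresses > MAX_WHITE_HOSTS:
            findings.append(("broad", f"ip {value}: {target.num_addresses} addresses exempt"))
    return findings
```

Calling audit(SAMPLE_ENTRIES) reports the /16 and VLAN 120 white-list entries as broad, the black-listed IP and MAC as conflicting with earlier white-list entries, and VLAN 5000 as invalid.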
Adding a System White-Black List Entry
To configure a system white-black list:
1 Use the Global Configuration command, system white-black list, to enter the
whiteblack-list submode. This command does not have any options or
parameters.