Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS SAFEGUARD CONTROLLER
321322323324325326327328329330
OmniAccess SafeGuard OS Administration Guide
322
Chapter 7: Establishing a Security Policy
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #network-zone nzSample1
(SafeGuardOS) (network-zone) #host ip-address 192.168.4.7
(SafeGuardOS) (network-zone) #host mac-address 00:ab:cd:11:22:33
(SafeGuardOS) (network-zone) #network 192.168.200.0 255.255.255.0
(SafeGuardOS) (network-zone) #range 192.168.5.1 192.168.5.50
(SafeGuardOS) (network-zone) #exit
(SafeGuardOS) (config) #
(SafeGuardOS) (config) #policy user policyTelnet
(SafeGuardOS) (policy-user) #filter f1 from any to network-zone nzSample1 tcp 23
permit precedence 10
(SafeGuardOS) (policy-user) #exit
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
In the next example of network zones, two zones are created: one for internal servers and
another zone for external servers.
# Network-zone Our Company internal networks.
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #network-zone nzInternal
(SafeGuardOS) (network-zone) #network 172.16.192.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.193.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.195.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.196.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.197.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.198.0 255.255.255.0
(SafeGuardOS) (network-zone) #network 172.16.199.0 255.255.255.0
(SafeGuardOS) (network-zone) #exit
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
# Network-zone for Active Directory servers.
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #network-zone nzAdServers
(SafeGuardOS) (network-zone) #host ip-address 172.16.194.30
(SafeGuardOS) (network-zone) #host ip-address 172.16.194.31
(SafeGuardOS) (network-zone) #host ip-address 172.16.194.32
(SafeGuardOS) (network-zone) #host ip-address 172.16.0.20
(SafeGuardOS) (network-zone) #exit
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
Application Groups Example
The following example defines an application group with three applications and then
binds the group to a user policy:
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #application-group agSshTelnetWinNY
(SafeGuardOS) (app-group) #application SSH
(SafeGuardOS) (app-group) #application TELNET
(SafeGuardOS) (app-group) #application WINNY
(SafeGuardOS) (app-group) #exit