Installation guide

Chapter 6 Defining Layer 2 Firewalls
Getting Started with Defining Layer 2 Firewalls
The Layer 2 Firewall engine elements are a tool for configuring nearly all aspects of your physical
Layer 2 Firewall components.
An important part of the Layer 2 Firewall engine elements are the interface definitions. There are
three main categories of Layer 2 Firewall engine interfaces:
• Normal Interfaces for system communications. These are used when the Layer 2 Firewall
engine is the source or the final destination of the communications (for example, in control
communications between the Layer 2 Firewall engine and the Management Server). You must
define at least one interface that is dedicated to system communications for each Layer 2
Firewall engine element.
• Inline Interfaces and Capture Interfaces for inspecting traffic. You must define one or more
traffic inspection interfaces for each Layer 2 Firewall engine element.
The interfaces have their own numbering in the SMC, called the Interface ID. This numbering is
independent of the operating system interface numbering on the engines. However, if you do the
engine’s initial configuration using the automatic USB memory stick configuration method, the
Interface IDs in the SMC are mapped to match the Physical Interface numbering in the operating
system (eth0 is mapped to Interface ID 0, eth1 to Interface ID 1, and so on). If you do the initial
configuration manually, you can freely choose how the Interface IDs in the SMC are mapped to
the Physical Interfaces, but the mapping you choose must be the same in the SMC and on the
engine.
Creating Engine Elements
This section covers the basic configuration of Layer 2 Firewall engine elements. For complete
instructions on configuring Layer 2 Firewall engine properties, see the Management Client
Online Help or the McAfee SMC Administrator’s Guide.
To create an engine element
1. Select Configuration→Configuration→Security Engine. The Security Engine Configuration
view opens.
2. Right-click Security Engines and select one of the following:
• New→Layer 2 Firewall→Layer 2 Firewall Cluster
• New→Layer 2 Firewall→Single Layer 2 Firewall
3. Enter a unique Name.
4. Select the Log Server that stores the log events that the Layer 2 Firewall engine creates.
5. (Optional) Define one or more DNS IP Addresses for the Layer 2 Firewall engine. These are
the IP addresses of the DNS server(s) that the Layer 2 Firewall engine uses to resolve
domain names, including the addresses of the web filtering categorization services (which
are defined as URLs).
• To enter a single IP address manually, click Add and select IP Address. Enter the IP
address in the dialog that opens.
• To define an IP address by using a Network element, click Add and select Network
Element. In the dialog that opens, select a predefined Alias element that represents the
IP address of the DNS server of a dynamic network interface, a Host element, or an
External DNS Server element, or click the New icon and select Host or External DNS
Server to define a new element.
6. Select the correct Location for this engine if there is a NAT device between this engine and
the other SMC components it communicates with (for example, the Management Server or
Log Server).