User manual
Firewall 
In addition to enforcing the services aspect of security groups, it is possible to include a 
number of NASL (Nessus Attack Scripting Language) scripts in /etc/config on the unit and 
to define some or all of these to be run against the target hosts. Typically, one would use 
attack scripts from the Nessus suite to scan for specific vulnerabilities and exploits on a 
host. If any script detects such a vulnerability, Internet access is again blocked. The list 
of available scripts is automatically populated from the files ending with .nasl in 
/etc/config. 
Security groups may overlap with respect to hosts within them. In this case, a single 
allow service overrides any number of denies of that same service. However, NASL 
scripts and overlapping groups do not interoperate particularly well, and the combination should be avoided. 
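
Because a single allow overrides any number of denies, an overlap can silently cancel a deny for every host the groups share. The following audit sketch is an added example, not part of the manual or the unit's software; the group names, hosts, services, script name and the dictionary layout are all assumptions made for illustration. It lists each host where an allow in one group overrides a deny in another, and each host that sits in overlapping groups while NASL scripts are in use.

```python
from collections import defaultdict

# Constructed sample data: group names, hosts, services and script names are
# hypothetical and do not come from the manual or from a unit's config format.
GROUPS = {
    "desktops": {"hosts": {"10.0.0.5", "10.0.0.6"},
                 "allow": set(), "deny": {"telnet", "ftp"},
                 "nasl": ["example_check.nasl"]},
    "admins":   {"hosts": {"10.0.0.6", "10.0.0.9"},
                 "allow": {"telnet"}, "deny": set(),
                 "nasl": []},
}

def memberships(groups):
    """Map each host to the sorted list of groups that contain it."""
    by_host = defaultdict(list)
    for name, g in groups.items():
        for host in g["hosts"]:
            by_host[host].append(name)
    return {h: sorted(names) for h, names in by_host.items()}

def overridden_denies(groups):
    """(host, service, denying groups, allowing groups) where an allow wins."""
    findings = []
    for host, names in sorted(memberships(groups).items()):
        allowed = defaultdict(list)
        denied = defaultdict(list)
        for n in names:
            for s in groups[n]["allow"]:
                allowed[s].append(n)
            for s in groups[n]["deny"]:
                denied[s].append(n)
        for svc in sorted(set(allowed) & set(denied)):
            findings.append((host, svc, denied[svc], allowed[svc]))
    return findings

def nasl_overlaps(groups):
    """Hosts in more than one group where any of those groups runs NASL scripts."""
    return sorted(h for h, names in memberships(groups).items()
                  if len(names) > 1 and any(groups[n]["nasl"] for n in names))

if __name__ == "__main__":
    for host, svc, deny, allow in overridden_denies(GROUPS):
        print(f"{host}: deny of {svc} in {deny} is overridden by allow in {allow}")
    for host in nasl_overlaps(GROUPS):
        print(f"{host}: overlapping groups with NASL scripts, avoid")
```
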
The top level page has a checkbox Block Unscanned Hosts which defines the 
behaviour for a host which hasn't been scanned or is not defined to be scanned. 
The Minimum Inter Probe Delay specifies a minimum number of seconds between 
scans of a single host. It also specifies the maximum time for changes to take effect. 
The Simultaneous Probes setting specifies the maximum number of different hosts that 
should be scanned together. 
Content filtering 
Note 
Content filtering is only available after you have registered your SG unit and activated 
your content filtering licence (sold separately). See the Obtaining a content filtering 
licence section below. 










