User Manual Part 1
Table Of Contents
- Check Point Safe@Office User Guide 8.0
- Copyright & Trademarks
- Contents
- About This Guide
- Introduction
- About Your Check Point Safe@Office Appliance
- Safe@Office 500 Product Family
- Product Features
- Wireless Features
- Optional Security Services
- Software Requirements
- Getting to Know Your Safe@Office 500 Appliance
- Getting to Know Your Safe@Office 500W Appliance
- Getting to Know Your Safe@Office 500 ADSL Appliance
- Getting to Know Your Safe@Office 500W ADSL Appliance
- Contacting Technical Support
- Safe@Office Security
- Installing and Setting Up Safe@Office
- Getting Started
- Configuring the Internet Connection
- Managing Your Network
- Using Bridges
- Configuring High Availability
- Using Traffic Shaper
- Working with Wireless Networks
- Viewing Reports
- Viewing Logs
- Setting Your Security Policy
Using Rules
Chapter 13: Setting Your Security Policy 363
Rule Description
Allow This rule type enables you to do the following:
• Permit outgoing access from your internal network to a specific
service on the Internet.
Permit incoming access from the Internet to a specific service in
your internal network.
• Assign traffic to a QoS class.
If Traffic Shaper is enabled for the direction of traffic specified in the
rule (incoming or outgoing), then Traffic Shaper will handle relevant
connections as specified in the bandwidth policy for the selected
QoS class. For example, if Traffic Shaper is enabled for outgoing
traffic, and you create an Allow rule associating all outgoing Web
traffic with the Urgent QoS class, then Traffic Shaper will handle
outgoing Web traffic as specified in the bandwidth policy for the
Urgent class.
For information on Traffic Shaper and QoS classes, see Using
Traffic Shaper on page 251.
Note: You ca
nn
ot use an Allow rule to permit incoming traffic, if the network or
VPN uses Hide NAT. Use an “Allow and Forward” rule instead. However, you
can use Allow rules for static NAT IP addresses.
Block This rule type enables you to do the following:
• Block outgoing access from your internal network to a specific
service on the Internet.
• Block incoming access from the Internet to a specific service in your
internal network.
• Block connections between hosts on different internal networks.