EasyManua.ls Logo

AhnLab TrusGuard - Page 96

AhnLab TrusGuard
120 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
3
96 AhnLab TrusGuard Installation Guide
Register CRL of external CA server: VPN > Certificate > CRL
Certificate by external CA server to TrusGuard: VPN > Certificate > Certificate
Use TrusGuard as CA server
Create certificate profile: VPN > Certificate > Certificate Profile
Create local CA server certificate: VPN > Certificate > CA Certificate
If you use TrusGuard as the CA server, the user certificate signed as the local CA certificate while
registering the user account will be automatically generated. Define the information needed to
create the certificate in the certificate profile in advance.
Connect to External Auth Server
The communication protocols that support connection to the authentication server are RADIUS, LDAP
(Simple Authentication), LDAP (Start TLS), LDAPS and Active Directory.
1 Register the authentication server to connect in Profile > User > Auth Server.
2 Register the authentication server group in Profile > User > Auth Server Group.
To communicate with LDAP (Start TLS) and LDAPS server, you need the authentication server's
certificate.
Step 4: Register Time to Apply Policy
Check whether there is communication to allow or block at specific times. Register the time to apply
the policy as a profile in Object > Schedule > Schedule.
Schedule profile can be used to use firewall policy at the specified time only.
Schedule profile is used when sending TrusGuard’ settings and policies regualry to the FTP or SFTP
server for backup (only starting time).
Step 5: Register QoS Profile
Check whether ther is service to apply QoS. Set the QoS profile in Object > QoS > QoS.
QoS is applied when the traffic with firewall policy applied goes out the network port (TX).
Set the total of QoS allotted to the network port to be below 90% the bandwidth.
Step 6: Set IPS Profile
The IPS profile provided as default includes all signature and behavior rules. Set the IPS profile based
on the network/host to protect in IPS > IPS Profile > IPS Policy.
Set the IPS policy to suit the OS and services of the network/host to protect.
IPS profile is used in the unit of firewall policy.
Change the Action for Predefined Behavior to Allow.

Table of Contents