1. Select: my_lw_http_alg
2. Select User-Agent Filter
3. Select Add and enter the following to allow Firefox:
• User-Agent: *Firefox/*
• Click OK
4. Select Add and enter the following to allow Chrome:
• User-Agent: *Chrome/*
• Click OK
5. Click OK
Now, create a service object and associate it with this new ALG:
1. Go to: Local Objects > Services > Add > TCP/UDP service
2. Enter the following:
• Name: my_http_service
• Type: TCP
• Destination Port: 80,443
• ALG: my_lw_http_alg
Finally, modify the NAT IP rule to use the new service:
1. Go to: Policies > Firewalling > Main IP Rules
2. Select the IP rule called int_to_ext_http
3. Go to: Service
4. Select my_http_service from the Service list
5. Click OK
6.2.4. The FTP ALG
Overview
File Transfer Protocol (FTP) is a TCP/IP-based protocol for exchanging files between a client and a
server. The client initiates the connection by connecting to the FTP server. Normally the client
needs to authenticate itself by providing a predefined login and password. After granting access,
the server will provide the client with a file/directory listing from which it can download/upload
files (depending on access rights). The FTP ALG is used to manage FTP connections through the
NetDefend Firewall.
Chapter 6: Security Mechanisms
435
To Next Page
Loading...
