EasyManua.ls Logo

Quantum SPARK 1500 - Configuring; Limitations

Quantum SPARK 1500
461 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
IoT
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|256
For example, an IP camera may show multiple assets from a number of different vendors. The
policy details include:
n
Access from the internet - Domains that attempt to connect to your device. Options:
Prevent, Monitor, Block, Exclude from IoT policy.
n
Access to the internet - Domains to which your device attempts to connect. Options:
Prevent, Monitor, Block, Exclude from IoT policy. For IPcameras and printers, the
default is Prevent but for other devices the default is Monitor. For some devices (for
example, smart TV), access to the internet is disabled.
n
Approved destinations - To add a new destination to the approved list, enter a value and
click the +.
n
Log traffic for this asset - Send logs for this device or not.
Configuring
The IoT rules appear on the Access Policy > Firewall Policy page. General rules for IoT are
preconfigured. For example, there are some domains that are always allowed, and some
domains that are always blocked. All attempts appear in the logs, and you can receive
notifications of this activity.
The policy rules show which domains are allowed. A request to access a blocked domain is
dropped. You can make these changes to the policy:
n
Do not drop traffic but do monitor if an asset attempts to access a site you do not want it
to access.
n
Prevent traffic. All domains are now blocked except for the domain where you send the
logs.
n
Add a custom destination to the allowed domain services. For example, if you want the
printer to upload photos to Google Cloud, you can add this destination.
Limitations
n
Approved destinations in IoT support only a single IP address or a single domain. It is not
possible to add an approved destination for a specific port or a service.
n
IoT is not supported on Locally Managed Quantum Rugged models: 1570R, 1575R, and
1595R.
n
If IoT is behind an Access Point (AP) or a Layer 3 device, configure it as a Layer 2
device. Otherwise, IoT policy is not applied on the hosts behind the Layer 3 device.
n
IoT policy is not enforced on IPv6 traffic.

Table of Contents

Related product manuals