User Interface
R&S
®
GP-E/GP-S
24User Manual v16.2.1 ─ 01
Field Description
"Alert Log" Optional: To add an entry to the alert log when traffic matches this firewall
rule, select one of the following alert levels from the drop-down list:
●
emergency – system is unusable (highest priority)
●
alert – action must be taken immediately
●
critical – critical conditions
●
error – error conditions
●
warning – warning conditions
●
notice – normal but significant conditions
●
info – informational messages
●
debug – any messages that do not fit into the other log levels (lowest
priority)
For more information, see "Alert Log" on page 39.
"Message" Optional: Specify the alert message to be included in the alert log entry.
The "Connection Settings" section provides the following options:
Field Description
"Policy" Select the action to be performed by the firewall rule from the drop-down
list.
New firewall rules are set to Allow by default, but you can adjust the set-
tings to one of the other values as necessary:
●
Allow – Traffic matching this rule is permitted if it is not classified as a
threat by any of the other selected modules (IDS/IPS, Anti-Malware,
Web Filter). No other rules are processed for this traffic.
●
Continue – Any traffic matching this rule is subject to further inspec-
tion: the traffic is passed on to the next rule in the list to determine
whether any other filter criteria apply. A continue rule should never be
the last rule in the list. If enabled, IDS/IPS, Anti-Malware, SSL Inspec-
tion, QoS and Web Filter are applied.
●
Drop – Traffic matching this rule is silently dropped and rule process-
ing for the associated traffic ceases.
●
Reject – Traffic matching this rule is actively rejected and rule pro-
cessing for the associated traffic ceases.
Important: If you create a rule with the Allow action and do not apply any
restrictions (security options or application filters), that rule permits all traffic
to pass unchecked.
"Source(s)" Specify the sources of the traffic flow to which the firewall rule applies. This
can be a combination of a zone and any other network objects, such as cus-
tom networks, network groups, users, etc.
If you first set up the connection between two objects on the desktop and
then started to configure a firewall rule for this connection, this input field is
pre-filled with the desktop object that was selected as the source object.
Important: If no source is selected, the rule will be applied to traffic originat-
ing from any source.
"Destination(s)" Specify the destinations of the traffic flow that the firewall rule applies to.
This can be a combination of a zone and any other network objects, such as
custom networks, network groups, users, etc.
If you first set up the connection between two objects on the desktop and
then started to configure a firewall rule for this connection, this input field is
pre-filled with the desktop object that was selected as the target object.
Important: If no destination is selected, the rule will be applied to traffic
being transmitted to any destination.
Firewall Rule Settings
To Next Page
Loading...