User Interface
R&S
®
GP-E/GP-S
25User Manual v16.2.1 ─ 01
Field Description
"QoS Upstream" / "QoS
Downstream"
Optional: To ensure Quality of Service, enter the bandwidth thresholds that
should be applied to traffic matching this rule. The two input fields determine
the maximum bandwidth (in bits per second) for download and upload. For
an application example using QoS, see Chapter 4.1.5, "Using Quality of
Service", on page 135.
"Transport Protocol" Optional: Specify the protocol to which the rule should be applied. You can
select TCP or UDP from the drop-down list.
"Source Port" Optional: To limit the rule to apply only to traffic originating from a certain
source port, specify the source port by entering individual values or ranges.
"Destination Port" Optional: To limit the rule to apply only to traffic being transmitted to a speci-
fied destination, specify the destination port by entering individual values or
ranges.
In the "Security" section, you can select the security features to be applied in the
rule:
Field Description
"IDS/IPS" Optional: Select this checkbox to compare traffic to the database of known
threats before further evaluation. For more information, see Chapter 3.4.6.2,
"IPS/IDS Profiles", on page 98.
"FTC" Optional: To capture network traffic to identify the precise timing, scope, and
nature of a malicious attack from outside or inside sources on your network,
select this checkbox. When the firewall rule hits, the network traffic is cap-
tured until the rule does not trigger Forensic Traffic Capture anymore or the
resources no longer support the rule. To view and download the captured
files, see "FTC Data" on page 66 for more information.
"Anti Malware" Optional: Select this checkbox to compare traffic to a list of known viruses,
malware and other threats (available for HTTP, FTP, IRC, MSN, OSCAR
and YAHOO).
"SSL Inspection" Optional: Select this checkbox to unpack and analyze encrypted traffic.
Important: If you decide to use the whitelisting approach and enable SSL
inspection in firewall rules together with SSL related protocols (e.g. FTPS,
HTTPS, IMAPS, POP3S and SMTPS), network traffic will flow through gate-
protect Firewall until SSL encryption is detected. Unless you select these
protocols in firewall rules further down the list as well, you might want to cre-
ate a firewall rule with the undesired protocol selected from the "Applica-
tions / Protocols" list and the action being Drop or Reject. The protocol
will then be dropped or rejected as long as SSL is not activated.
Note: "SSL Inspection" can only be selected after an application, a protocol
or a custom decoder has been specified.
The "Application Filters" section contains the following options:
Firewall Rule Settings
To Next Page
Loading...