Proxy
This option applies to all the inspection profiles. It will not be applied to translations of the destination.
Apply the NAT rule on scanned traffic
By default, traffic scanned by an implicit proxy leaves the firewall with the address of the firewall's outgoing interface.
If this option is selected and a NAT policy applies, address translation will be applied to the traffic leaving the proxy scan. This option will not be applied to translations of the destination.
Customized certificate authorities
Add the list of customized CAs to the list of trusted authorities
This option enables the import of certificate authorities that are not public. These CAs will be considered trusted authorities, so certificates issued by such customized CAs will be considered trustworthy.
Certificate authorities can be added or deleted with the Add and Delete buttons.
Public certificate authorities
A public certificate authority, enabled by default, can be disabled by double-clicking on its status icon. You may also Enable all or Disable all of these public CAs by clicking on the corresponding buttons.
In order to improve monitoring, this list of root certificate authorities is kept up to date on the firewall via Active Update.
Trusted certificates
These are whitelisted certificates to which the content inspection checks (self-signed certificates, expired certificates, etc.) defined in the Proxy tab of the SSL profile configuration will not be applied.
In this window, you may Add or Delete trusted certificates by clicking on the relevant button.
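The three lists above (public CAs with an enabled/disabled status, customized CAs, and the trusted-certificate whitelist) all feed one trust decision made by the SSL proxy. The following Python model is an added illustration, not Stormshield's code: it shows the order in which those lists act (a whitelisted certificate skips the validity and chain checks, a disabled public CA no longer anchors any chain, an imported customized CA anchors chains that would otherwise be rejected). Certificates are constructed records with hypothetical names and arbitrary bytes standing in for the DER encoding; no signatures are verified.

```python
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate (no real ASN.1 or signatures)."""
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime
    der: bytes  # constructed bytes standing in for the DER encoding

    @property
    def fingerprint(self) -> str:
        return hashlib.sha256(self.der).hexdigest()

    @property
    def self_signed(self) -> bool:
        return self.subject == self.issuer


@dataclass
class SslInspectionPolicy:
    """The three lists of the Proxy tab: public CAs (each enabled or disabled),
    customized CAs, and the whitelist of trusted certificates."""
    public_cas: dict = field(default_factory=dict)   # subject -> enabled flag
    custom_cas: set = field(default_factory=set)     # subjects of imported private CAs
    trusted_fingerprints: set = field(default_factory=set)

    def trusted_authorities(self) -> set:
        enabled_public = {name for name, enabled in self.public_cas.items() if enabled}
        return enabled_public | self.custom_cas


def evaluate_chain(policy: SslInspectionPolicy, chain: list, now: datetime) -> tuple:
    """Return (verdict, reason). chain[0] is the server certificate, followed by its issuers."""
    leaf = chain[0]
    # A whitelisted ("trusted") certificate skips the inspection checks entirely.
    if leaf.fingerprint in policy.trusted_fingerprints:
        return ("accept", "whitelisted certificate; validity and chain checks skipped")
    if not (leaf.not_before <= now <= leaf.not_after):
        return ("reject", "certificate expired or not yet valid")
    anchors = policy.trusted_authorities()
    current = leaf
    for issuer_cert in chain[1:]:          # walk up the presented chain
        if issuer_cert.subject != current.issuer:
            return ("reject", "chain is not contiguous")
        current = issuer_cert
    if current.self_signed and current.subject not in anchors:
        return ("reject", "self-signed certificate or unknown root")
    if current.issuer in anchors:
        return ("accept", f"chain anchored to trusted authority {current.issuer!r}")
    return ("reject", f"issuer {current.issuer!r} is not a trusted authority")


# Constructed test data (hypothetical names; 'der' bytes are arbitrary stand-ins).
NOW = datetime(2016, 6, 1, tzinfo=timezone.utc)
VALID = (datetime(2016, 1, 1, tzinfo=timezone.utc), datetime(2017, 1, 1, tzinfo=timezone.utc))
EXPIRED = (datetime(2014, 1, 1, tzinfo=timezone.utc), datetime(2015, 1, 1, tzinfo=timezone.utc))
PUBLIC_SITE = Cert("www.example.test", "Public Root CA", *VALID, b"cert-1")
INTERNAL_SITE = Cert("intranet.corp.test", "Corp Internal CA", *VALID, b"cert-2")
SELF_SIGNED = Cert("appliance.corp.test", "appliance.corp.test", *VALID, b"cert-3")
EXPIRED_SITE = Cert("old.example.test", "Public Root CA", *EXPIRED, b"cert-4")


def demo() -> dict:
    """Exercise each list of the Proxy tab and return the verdict per scenario."""
    policy = SslInspectionPolicy(public_cas={"Public Root CA": True})
    results = {}
    results["public"] = evaluate_chain(policy, [PUBLIC_SITE], NOW)[0]
    results["internal_no_custom_ca"] = evaluate_chain(policy, [INTERNAL_SITE], NOW)[0]
    policy.custom_cas.add("Corp Internal CA")           # customized CA imported
    results["internal_with_custom_ca"] = evaluate_chain(policy, [INTERNAL_SITE], NOW)[0]
    results["self_signed"] = evaluate_chain(policy, [SELF_SIGNED], NOW)[0]
    results["expired"] = evaluate_chain(policy, [EXPIRED_SITE], NOW)[0]
    policy.trusted_fingerprints.add(SELF_SIGNED.fingerprint)  # added to Trusted certificates
    results["self_signed_whitelisted"] = evaluate_chain(policy, [SELF_SIGNED], NOW)[0]
    policy.public_cas["Public Root CA"] = False           # public CA disabled via its status icon
    results["public_ca_disabled"] = evaluate_chain(policy, [PUBLIC_SITE], NOW)[0]
    return results


if __name__ == "__main__":
    for scenario, verdict in demo().items():
        print(f"{scenario:26s} -> {verdict}")
```

The point to take from the model is the whitelist's precedence: a certificate added under Trusted certificates is accepted before expiry or issuer are examined, so that list should hold only certificates whose exceptions have been reviewed deliberately.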
HTTP
This plugin prevents large families of HTTP-based application attacks. The various analyses it performs (in particular RFC compliance checks, validation of URL encoding, and checks on URL and request sizes) allow you to block attacks such as Code Red, Code Blue, NIMDA, HTR, WebDAV, buffer overflow or directory traversal attacks.
Managing buffer overflows is fundamental at Stormshield Network, which is why the definition of the maximum sizes allowed for HTTP buffers is particularly detailed.
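To make the checks listed above concrete, here is an added Python example (not Stormshield's implementation) of an HTTP request-head validator of the same kind: it enforces hypothetical buffer limits on the request line, URL and header lines, checks the request line and header syntax against RFC 7230, rejects malformed percent-encoding, and detects directory traversal by decoding the path once and testing whether its ".." segments climb above the root. The limit values and the sample requests are constructed for the example; the product's actual defaults are not stated on this page.

```python
import re
from urllib.parse import unquote_to_bytes, urlsplit

# Hypothetical buffer limits, standing in for the "maximum sizes allowed for
# HTTP buffers" the manual describes; the product's real defaults are not on this page.
MAX_REQUEST_LINE = 2048
MAX_URL_LENGTH = 1024
MAX_HEADER_LINE = 4096
MAX_HEADER_COUNT = 64

ALLOWED_METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS", b"PATCH"}
VERSION_RE = re.compile(rb"HTTP/1\.[01]")
BAD_PCT_RE = re.compile(rb"%(?![0-9A-Fa-f]{2})")          # '%' not followed by two hex digits
TOKEN_RE = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+")    # RFC 7230 token (header field name)


def escapes_root(path: bytes) -> bool:
    """True if '..' segments climb above the URL root (directory traversal)."""
    depth = 0
    for segment in path.split(b"/"):
        if segment == b"..":
            depth -= 1
            if depth < 0:
                return True
        elif segment not in (b"", b"."):
            depth += 1
    return False


def check_request(raw: bytes) -> list:
    """Return a list of finding codes; an empty list means the request head passed."""
    findings = []
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        return ["incomplete-headers"]
    request_line, *header_lines = head.split(b"\r\n")

    if len(request_line) > MAX_REQUEST_LINE:
        findings.append("request-line-too-long")
    parts = request_line.split(b" ")
    if len(parts) != 3:
        findings.append("malformed-request-line")
        return findings
    method, target, version = parts

    if method not in ALLOWED_METHODS:
        findings.append("bad-method")
    if not VERSION_RE.fullmatch(version):
        findings.append("bad-version")
    if len(target) > MAX_URL_LENGTH:
        findings.append("url-too-long")
    if any(b <= 0x20 or b >= 0x7F for b in target):
        findings.append("url-bad-char")
    if BAD_PCT_RE.search(target):
        findings.append("bad-percent-encoding")

    # Decode once, then test the path: encoded traversal and NUL bytes only show after decoding.
    decoded_path = unquote_to_bytes(urlsplit(target).path)
    if b"\x00" in decoded_path:
        findings.append("nul-in-path")
    if escapes_root(decoded_path):
        findings.append("directory-traversal")

    if len(header_lines) > MAX_HEADER_COUNT:
        findings.append("too-many-headers")
    has_host = False
    for line in header_lines:
        if len(line) > MAX_HEADER_LINE:
            findings.append("header-too-long")
        name, colon, _value = line.partition(b":")
        if not colon or not TOKEN_RE.fullmatch(name):
            findings.append("malformed-header")
            continue
        if name.lower() == b"host":
            has_host = True
    if version == b"HTTP/1.1" and not has_host:
        findings.append("missing-host")
    return findings


# Constructed sample requests (hypothetical host names).
SAMPLES = {
    "clean": b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
    "traversal": b"GET /static/..%2F..%2Fconfig.txt HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
    "oversized": b"GET /" + b"A" * 3000 + b" HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
    "bad_encoding": b"GET /search?q=%zz HTTP/1.1\r\nHost: www.example.test\r\n\r\n",
}

if __name__ == "__main__":
    for name, request in SAMPLES.items():
        print(f"{name:13s} -> {check_request(request) or 'pass'}")
```

Each finding is a separate code rather than a single boolean so that a policy can map codes to block or alert individually, which is how the size limits and RFC checks are tuned separately in the profile.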
“IPS” tab
Automatically detect and inspect the protocol
If this protocol has been enabled, it will automatically be used for discovering corresponding packets in filter rules.
Page 253/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SNS - USER CONFIGURATION MANUAL V.3
PROTOCOLS