It is also important to understand that although whitelisting prevents a particular source from being
blacklisted, it still does not prevent NetDefendOS mechanisms such as threshold rules from
dropping or denying connections from that source. What whitelisting does is prevent a source being
added to a blacklist if that is the action a rule has specified.
For further details on usage see Section 6.5.7, “IDP Actions” and Section 10.3, “Threshold Rules”.
Note: The content filtering blacklist is separate
Content filtering blacklisting is a separate subject and uses a separate logical list (see
Section 6.3, “Web Content Filtering”).
The CLI blacklist Command
The blacklist command can be used to look at as well as manipulate the current contents of the
blacklist and the whitelist. The current blacklist can be viewed with the command:
gw-world:/> blacklist -show -black
This blacklist command can be used to remove a host from the blacklist using the -unblock option.
Example 6.22. Adding a Host to the Whitelist
In this example we will add an IP address object called white_ip to the whitelist. This will mean this IP address can
never be blacklisted.
Command-Line Interface
gw-world:/> add BlacklistWhiteHost Addresses=white_ip Service=all_tcp
Web Interface
1.
Go to: System > Whitelist > Add > Whitelist host
2.
Now select the IP address object white_ip so it is added to the whitelist
3.
Select the service all_tcp to be associated with this whitelist entry
4.
Click OK
6.7. Blacklisting Hosts and Networks
Chapter 6. Security Mechanisms
367
Summary of Contents for NetDefend DFL-1660
Page 28: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 28 ...
Page 88: ...2 6 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 88 ...
Page 166: ...3 10 DNS Chapter 3 Fundamentals 166 ...
Page 254: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 254 ...
Page 268: ...5 4 IP Pools Chapter 5 DHCP Services 268 ...
Page 368: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 368 ...
Page 390: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 390 ...
Page 414: ...8 3 Customizing Authentication HTML Pages Chapter 8 User Authentication 414 ...
Page 490: ...9 8 6 Specific Symptoms Chapter 9 VPN 490 ...
Page 528: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 528 ...
Page 544: ...11 7 HA Advanced Settings Chapter 11 High Availability 544 ...
Page 551: ...12 3 5 Limitations Chapter 12 ZoneDefense 551 ...
Page 574: ...Default 512 13 9 Miscellaneous Settings Chapter 13 Advanced Settings 574 ...
Page 575: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 575 ...