Packet Filter Policies
44
WatchGuard System Manager
HBCI
The Home Banking Computer Interface (HBCI) is a standard created for bank customers and
manufacturers of banking products.
Characteristics
•
Internet Protocol(s): TCP
•
Port Number(s): 3000
HTTP
An HTTP packet filter will not apply the HTTP proxy rule set to any traffic. To proxy HTTP traffic, use the
HTTP proxy policy. We recommend that HTTP be allowed only to public HTTP servers located behind
the Firebox.
External hosts can be spoofed. WatchGuard cannot verify that these packets were actually sent from
the correct location. You can configure the Firebox to add the source IP address to the Blocked Sites list
whenever an HTTP connection to a computer protected by the Firebox is denied. All of the usual log
options can be used with HTTP.
Characteristics
•
Internet Protocol(s): TCP
•
Port Number(s): 80
HTTPS
HTTPS is a secure and encrypted version of the HTTP protocol. The client and the web server set up an
encrypted session on TCP port 443. Because this session is encrypted, the proxy cannot examine
packet contents using a proxy. This policy uses a packet filter to examine the connection.
Characteristics
•
Internet Protocol(s): TCP
•
Port Number(s): 443