FWX120 Operation Manual
85
4
Enhancing security
Create an interface group
Create it in the “Configure interface group” screen.
For more details on the settings, click “Help” on the
setup screen and refer to the description displayed.
To open the “Configure interface group”
screen
From “Basic configuration page”, click the buttons
on the setup screen in the following order:
“Advanced settings” in the top page
“Configure” in “Configure policy filter”
“Execute” of the interface for which you want to
view the policy filter
(Click “Execute” of “Configure and view status
of IPv4 policy filter” if IPv4 addresses are used
for connection, or “Execute” of “Configure and
view status of IPv6 policy filter” if IPv6 addresses
are used.)
“Configure” in “List of group and user definition
service”
“Add” in “Configure interface group”
Passing only necessary packets through a dynamic
filter (policy filter)
(Continued from the previous page)
Managing interfaces,
addresses, and
services in a group
You can group given interfaces, addresses, and
services together to manage them. All you need
to do is specify the created group when you apply
the same policy to multiple interfaces, addresses,
and services. You no longer need to apply policies
one-by-one, which can save time and effort to
manage policies.
Tip
• Basically, a service conceptually refers to an
application, which includes TELNET, SMTP, POP,
FTP, and WWW.
• You can also specify a protocol and port to define a
given service (user definition service). This service is
available in policy filters that you create
(
page
87).
Example: If the “LAN2, PP1, and TUNNEL1”
interfaces are grouped together as a “WAN”
group
Simply by specifying the “WAN” group as an
interface during the configuration of a policy, you
can apply the same policy to each of LAN2, PP1,
and TUNNEL1 interfaces.
Types of groups you can create
In this product, you can create the following three
groups: interface, address, and service (protocol)
groups. You can define up to 100 groups for each
group type.
NOTE
• You can also define hierarchical groups up to two
levels.
• Different types of groups cannot be mixed. For
example, an address group cannot contain a service
group.