Andrisoft wanguard 6.2 Скачать руководство пользователя страница 128

Страница: 128 / 131

Wanguard 6.2 User Guide

Appendix 5 – Software Changelog

Wanguard 6.1

Release date: December 3 2015

➢

Administrators can create custom decoders that identify flows or packets sharing a certain pattern (e.g. to

differentiate and classify the underlying protocols) in Configuration » General Settings » Custom Decoders.

➢

New Filter mitigation options in Configuration » General Settings » Mitigation Options:

◦

TCP SYN Proxy

◦

invalid TCP flags

◦

invalid DNS packets

◦

private/reserved IPs

◦

connection-oriented or connection-less traffic rate-limiting

◦

blacklisting by IP reputation services

➢

Filter can apply new filtering rules for: specific packet payloads, countries, DNS transaction IDs.

➢

Filtering rules can be disabled, re-ordered and fine-tuned for each decoder.

➢

A tighter integration between Filter and the software firewall (Netfilter framework) and Chelsio hardware

filters. Newly generated anomaly reports contain pass/drop graphs for mitigated attacks.

➢

Console users can create custom firewall rules in Reports » Tools » Firewall Rules.

➢

New Software Firewall options in the Filter Configuration window. A new “FW Policy” field on Whitelist rules

that explicitly permits traffic through the Software Firewall.

➢

Configuration » General Settings » Anomaly Detection contains a new option for deduplicating anomalies

that indicate the same attack matched by different decoders.

➢

Filter Clusters can be associated with other Filter Clusters.

➢

BGP Connectors can be configured to allow BGP announcement withdrawals to be done after business

hours.

➢

Sensor graphs now use RRDCached when it is defined in Configuration » General Settings » Graphs & Storage

Configuration.

➢

Enhanced user authentication methods. New RADIUS options and a new HTTP authentication option.

➢

A new TCP-ALL decoder.

➢

The Latest Events tab from the South Region contains selectors for severity and components.

➢

User role renamed Guest. Administrators can allow Guest access to Reports » Tools with greater granularity.

➢

Configuration » General Settings » Anomalies renamed Anomaly Detection. Reports » Alerts & Tools

renamed Tools.

➢

Unattended installation when the following shell environment variables are set:

WANGUARD_INSTALL_DB_USER, WANGUARD_INSTALL_DB_PASS, WANGUARD_CONSOLE_IP,

WANGUARD_CONSOLE_DB_PASS.

➢

User Guide updated. Contains new Appendixes describing advanced BGP configurations.

- 128 -

Содержание wanguard 6.2

Страница 1: ......

Страница 2: ...pyright Acknowledgment 2016 ANDRISOFT S R L All rights reserved All rights reserved This document is copyrighted and ANDRISOFT S R L reserves all rights No part of this document may be reproduced or t...

Страница 3: ...pts of Wanguard Console 19 19 Side Region 19 Central Region 19 South Region 19 Upper Menus 19 6 6 Configuration General Settings Graphs Storage Configuration General Settings Graphs Storage 20 20 Sens...

Страница 4: ...nfiguration General Settings Outgoing Email Configuration General Settings Outgoing Email 70 70 24 24 Configuration General Settings User Management Configuration General Settings User Management 71 7...

Страница 5: ...a CatOS Device 106 Configuring NDE on a Native IOS Device 106 Configuring NDE on a 4000 Series Switch 107 Configuring NDE on IOS XE 107 Configuring NDE on a Juniper Router non MX 107 33 33 Appendix 3...

Страница 6: ...line behavior of users and by comparing over 130 live traffic parameters against user defined thresholds ON PREMISE DDOS MITIGATION Protects networks by using BGP blackhole routing or FlowSpec protect...

Страница 7: ...ensor provides traffic anomaly detection bandwidth monitoring and traffic accounting The collected information allows you to generate complex traffic reports graphs and tops instantly pin down the cau...

Страница 8: ...riodically send them as flow records to a Flow Sensor Because the flow protocol already performs pre aggregation of traffic data the flow data sent to Flow Sensor is much smaller than the monitored tr...

Страница 9: ...e It is recommended to use an SNMP Sensor only for devices that are unable to export flows or mirror packets or when comparing flow and SNMP derived statistics to ensure the flow data accuracy The tab...

Страница 10: ...be configured to send notification emails to the ISP s originating non spoofed attacks DDoS Mitigation with Wanguard Filter When a Sensor detects that a destination is under attack it executes a Resp...

Страница 11: ...un on a powerful server to be able to do packet inspection on high speed interfaces Each configuration option is covered on page 55 Flow Filter analyzes NetFlow jFlow NetStream cflowd sFlow or IPFIX f...

Страница 12: ...path It receives flows from a Flow Sensor or a copy of packets from a TAP or mirroring port Direct filtering is not possible but the Filter is still able to generate filtering rules that improve the...

Страница 13: ...anguard was designed to be completely scalable It can be installed either on a single server having adequate hardware resources or on multiple servers distributed across the network It is highly recom...

Страница 14: ...y need Adobe PDF Reader For the best experience use a 1280x1024 or higher resolution display Packet Sensor Hardware Requirements Packet Sniffing Capacity 1 Gbit s 1 400 000 packets s 10 Gbit s 14 000...

Страница 15: ...PU speed Flow Sensor can store flow data on the local disk in a highly compressed binary format SNMP Sensor Hardware Requirements Capacity Minimum Hardware Requirements for 20 Devices Architecture 64...

Страница 16: ...routing performance during spoofed attacks and SYN floods However the filtering and packet forwarding capacity may not be line rate during powerful attacks with small packets The hardware filters supp...

Страница 17: ...nd centralized system through which you can control and monitor all other components If you have correctly followed the installation instructions from now on you will only need to log in to Console to...

Страница 18: ...low Sensors can use a single Flow Filter Wanguard Filter works only in conjunction with Wanguard Sensor Sensor Cluster and Filter Cluster are free and do not require licensing Console is free and it d...

Страница 19: ...5 to 10 seconds The Reports section title bar contains a Quick Search button Keyboard shortcut Ctrl S Central Region Each report dashboard or tool you select in the Side Region opens a tab page in th...

Страница 20: ...that receive traffic without sending any traffic in return Do not set it to Off when monitoring unidirectional links or asymmetric traffic The size of each IP graph file is listed on the bottom of th...

Страница 21: ...es TCP traffic with RST flag set TCP ACK Matches TCP traffic with SYN flag unset and ACK set TCP SYNACK Matches TCP traffic with SYN flag set and ACK flag set HTTP Matches TCP traffic on source or des...

Страница 22: ...h subnet are listed in the IP Zone and the current disk usage in Configuration General Settings Data Retention The internal program used for saving IP graph data is opt andrisoft bin genrrds_ip If it...

Страница 23: ...nguard Sensor detects traffic anomalies using two different and non exclusive methods Threshold Anomalies Detected for user defined threshold values Thresholds can be defined inside IP Zones for the d...

Страница 24: ...e destination port under 1024 enter udp and dst portrange 1 1023 Flow Filtering Expression Enter a filtering expression for flows if you intend to use a Flow Sensor and or Flow Filter Click the light...

Страница 25: ...x 2000000 sbin sysctl w net netfilter nf_conntrack_tcp_loose 0 sbin sysctl w net ipv4 tcp_timestamps 1 Invalid TCP Flags When enabled the Filter blocks all invalid TCP flags immediately after its acti...

Страница 26: ...r each filtering rule type Enabled Check to allow the Filter to detect the filtering rule automatically Filtering Rule Describes the filtering rule Priority By double clicking the cell you can change...

Страница 27: ...to the action name Each action panel contains specific fields The following fields are common Action Name Name or short description of the action Action Priority Select the order of execution relativ...

Страница 28: ...IP It is ip if the DNS lookup is not returning a DNS PTR record 3 CIDR Number cidr The IP mask of the IP address or IP block 4 Prefix String prefix The IP CIDR from your network that is originating or...

Страница 29: ...anomalies in Reports Tools Anomalies 22 Custom Script Return Value String The conditional parameter passes only when the script entered in the Value field returns 0 The Comparison field must be set t...

Страница 30: ...ed anomalies 16 Peak Value Number value The highest value of the abnormal traffic It represents pkts s or bits s depending on the anomaly unit 17 Latest Value Number latest_value The latest value of t...

Страница 31: ...y for the TOTAL decoder 6 TOTAL Bits Number sum_total_bits The sum of bits of the IP or subnet recorded during the anomaly for the TOTAL decoder TIME RELATED PARAMETERS 1 From unixtime Number from_uni...

Страница 32: ...The number of bits filtered by active Filter s 12 Filters CPU Usage Number filters_max_cpu_usage The maximum CPU used by active Filter s instance s FILTERING RULE PARAMETERS 1 Filtering Rule Number f...

Страница 33: ..._rule_log_size The size of the packet trace that captures traffic matched by the filtering rule Needs a Capture Traffic action 18 String attacker_isp If the filtering rule is for an IP this dynamic pa...

Страница 34: ...contains at least the 0 0 0 0 0 network Since the CIDR mask is 0 this supernet includes all IP addresses available for IPv4 and IPv6 For an easier configuration every new prefix that you define inheri...

Страница 35: ...Response Select a previously defined Response or select None to have no reaction to anomalies other than displaying them in Reports Tools Anomalies Active Anomalies Parent Select Yes if more specific...

Страница 36: ...erent threshold values define only the smallest threshold value and then use preconditions inside the Response For example if you want to activate Filter for UDP attacks stronger than 100 Mbps but als...

Страница 37: ...talled on the server Hardware Key Read only string used for licensing purposes The hardware key field is updated by the WANsupervisor service on installation or when the hardware IP or hostname change...

Страница 38: ...s Device Group Optional description used within Console to group up components e g by location or role It can be used to restrict the access of Guest accounts Sensor Server The server that runs the Pa...

Страница 39: ...selected IP Zone Strict Packet Sensor analyzes the traffic that has either the source or the destination IP in the selected IP Zone Exclusive Packet Sensor analyzes the traffic that has the destinati...

Страница 40: ...Sensor license On a quad core CPU with multithreading the ixgbe driver allocates 8 RSS queues In this case if you define a Packet Sensor for ethX 0 3 and another one for ethX 4 7 the packet processin...

Страница 41: ...ver on the configured interface Verify whether the server is receiving packets through the configured interface tcpdump i interface_usually_eth1_or_p1p2 n c 100 When IP Validation is not disabled make...

Страница 42: ...Server The server that runs the Flow Sensor The configuration of servers is described on page 37 Listener IP Port The IP address IPv4 or IPv6 of the network interface that receives flow packets and th...

Страница 43: ...flows having the AS number set to 0 your AS are processed This rarely used option is used for establishing traffic direction AS validation has three choices Off Disables AS validation On Only flows th...

Страница 44: ...name in Configuration Components Ensure that the Flow Sensor starts correctly by watching the event log details on page 69 If the Flow Sensor starts without errors but you can t see any data collecte...

Страница 45: ...n JunOS there is a flow export rate limit with a default of 1k pps which leads to flow aging errors To raise the limit to 40k pps execute set forwarding options sampling instance NETFLOW family inet o...

Страница 46: ...Guide Configuration Components Flow Sensor interface To troubleshoot Sensor graph or IP graph issues follow the Graphs Troubleshooting guide from page 22 Make sure you are running the latest version o...

Страница 47: ...rs on the Console server The configuration of servers is described on page 37 Polling Interval Polling is the process of sending the SNMP request periodically to the device to retrieve information A l...

Страница 48: ...e and the SNMP Community String stored as a MIB object on an SNMP enabled managed device Security Level Name SNMP v3 only SNMP Sensor supports the following set of security levels as defined in the US...

Страница 49: ...tarts correctly by watching the event log details on page 69 If the SNMP Sensor starts without errors but you cannot see any data collected by it in Reports Components Overview after more than 5 minut...

Страница 50: ...ports and percentage based bits s thresholds Associated Sensors Select which Packet Sensors and Flow Sensor interfaces must be aggregated by the Sensor Cluster IP Zone Sensor Cluster extracts from the...

Страница 51: ...Traffic The logs are stored in Reports Tools BGP Operations BGP Announcement Archive If you do not need any of those features you can safely skip this chapter Wanguard supports two different back ends...

Страница 52: ...ack Hole Check if you need the local black hole feature provided by the Zebra daemon This rarely used feature may be useful only for in line servers Quagga Zebra Login Enable Passwords The passwords n...

Страница 53: ...ection Switches the source IP with the destination IP in each announcement Set to Inverted only when doing symmetric routing Reject External IPs When this option is selected only the announcements for...

Страница 54: ...emon is not configured or accessible from the Console server Telnet errors about pattern time outs indicate mismatches between a parameter defined in the BGP Connector password AS number route map AS...

Страница 55: ...esides in the main data path configured as a network bridge or as an OSI Layer 3 router To enable routing on the filtering server follow the steps required by your Linux distribution At least the foll...

Страница 56: ...work adapter with a Sniffer 10G license Click the button on the right for driver specific settings PF_RING Select to use the PF_RING 6 4 framework to speed up packet processing Click the button on the...

Страница 57: ...purposes Click the options button on the right to be able to configure the following Software Firewall parameters Netfilter Chain set to FORWARD if the server forwards traffic or INPUT if it does not...

Страница 58: ...le to the whitelist enter the following information Description Add a description for the whitelist rule Prefix Enter a subnet that must include the anomaly IP address for the whitelist rule to be val...

Страница 59: ...3 To prevent getting Location out of range errors from the ixgbe driver load it with the right parameters in order to activate all 8k filtering rules To view filtering rules applied by the Chelsio T4...

Страница 60: ...erver running the Flow Filter Layer 2 3 Inline filtering Flow Filter runs on a server that resides in the main data path configured as a network bridge or as an OSI Layer 3 router To enable routing on...

Страница 61: ...AN interfaces Outbound Interface The cleaned traffic is sent to a downstream router through the outbound interface which should hold the route to the default gateway For GRE IP over IP tunneling confi...

Страница 62: ...ault value is 1 Must be equal to the number of filtering servers activated for the same anomaly when the Flow Filter is used in a clustered architecture where each filtering server receives traffic fr...

Страница 63: ...neric filtering rule might match the white listed filtering rule When a filtering rule cannot be applied because it conflicts with a whitelist rule a small white flag icon appears next to it in Consol...

Страница 64: ...resides in the main data path configured as a network bridge or as an OSI Layer 3 router To enable routing on the filtering server follow the steps required by your Linux distribution At least the fo...

Страница 65: ...e that makes the server next hop for the attacked IP address When the attack ends the Filter Cluster automatically withdraws the BGP announcement and the traffic towards the IP address is routed norma...

Страница 66: ...IPs Up to 4086 hardware filters possible Intel x520 or x540 10 Gigabit adapter blocks IPv4 destinations Filter Cluster programs the Intel chipset to drop IPv4 addresses from filtering rules that cont...

Страница 67: ...rs for strings and numbers equal non equal Operators for numbers less than greater than Rule Value A user defined value that should match FW Policy When FW Policy is Permit and Operator is equal the F...

Страница 68: ...Schedulers and click the button from the title bar of the panel You can include more than one email address in the Email To field by separating addresses with a comma The emails are sent periodically...

Страница 69: ...tes the maximum severity of the events red means that there are ERRORS blue is for INFO events etc The event s severity indicates its importance MELTDOWN Meltdown events are generated in severe situat...

Страница 70: ...a local Mail Transfer Agent Sendmail Send emails using the sendmail command To use it you may have to configure a Mail Transfer Agent Postfix Qmail Sendmail on the Console server SMTP Security Securi...

Страница 71: ...selected account There are two Authentication options Local Password The user is authenticated with the password entered in the Password field All passwords are stored encrypted Remote Authentication...

Страница 72: ...SL set this parameter as ldaps IP Login Attribute Enter the LDAP attribute that contains the username For Active Directory is may be mailNickname or sAMAccountName for OpenLDAP or IBM Directory Server...

Страница 73: ...a user or network host to an authentication entity MSCHAP is the Microsoft version of the Challenge handshake authentication protocol CHAP MSCHAP2 is another version of Microsoft version of the Chall...

Страница 74: ...and its reverse DNS In front of the prefix the arrow indicates the direction of traffic inbound when the arrow is pointing towards the prefix or outbound when the arrow is pointing away from the pref...

Страница 75: ...adjusted Delete BGP Prefix available if a BGP announcement with the prefix exists Generate Anomaly Report generates a full anomaly report that can be viewed in a separate tab or emailed to interested...

Страница 76: ...r from the Filter configuration BGP FlowSpec or S RTBH controlled by the BGP FlowSpec parameter from the Filter configuration and activated by a Response action Third party Firewall activated by a Res...

Страница 77: ...omalies button from the top toolbar clears active anomalies by manipulating the database Anomaly Overview Shows trends and summarizations of traffic anomalies detected by the selected Sensors using th...

Страница 78: ...there is at least one active BGP announcement the following table is displayed BGP Connector Which BGP Connector was used to sent the routing update When Grouping is set to BGP Connector clicking it...

Страница 79: ...e users By clicking the down arrow of any column header you can apply row filters change sorting direction and toggle the visibility of columns All columns are explained in the previous section except...

Страница 80: ...Select the Filters that must apply the firewall rule according to their configuration Interfaces Netfilter Chain Netfilter Table IP Protocol s Select one or more IP protocols or Any to match all packe...

Страница 81: ...cription A short name that helps you identify the firewall rule This is the only mandatory field Direction Select Inbound to match packets entering your network through interfaces defined as Inbound i...

Страница 82: ...ut formats or you can type your own format Click the light bulb icon on the left to open a window that shows you the correct syntax Export If the output is not very large it can be viewed emailed or p...

Страница 83: ...utput is not very large it can be emailed or printed If you need to list huge amounts of flow data doing so solely from within the web browser may not be a good idea In this case select the Dump optio...

Страница 84: ...ess Stop Capture Time When Max Running Time is set to Unlimited you can set the exact date when the capturing thread will stop Max File Size MB The option is used for splitting packet dumps into multi...

Страница 85: ...of dump files generated and the size of the latest dump file Packets The number of packets captured Actions Click the first icon to view the latest dump file in an integrated packet analyzer interfac...

Страница 86: ...onents and servers Console The table displays the following data Status A green check mark indicates that Console is functioning properly When a red X appears enable the WANsupervisor service on the C...

Страница 87: ...quad core system is 400 CPU IOwait Percentage of CPU resources waiting for I O operations A high number indicates an I O bottleneck CPU Idle Percentage of idle CPU resources Can be 100 on multiple co...

Страница 88: ...for errors in the event log see page 69 Sensor Name Displays the name of the Packet Sensor and a colored square with the color defined in its configuration Click to open a new tab with data specific...

Страница 89: ...bits second throughput after IP or AS validation and usage percent Outbound Bits s Outbound bits second throughput after IP or AS validation and usage percent IPs Int Ext IP addresses that send or re...

Страница 90: ...liverable to a higher layer protocol One possible reason for discarding such a packet could be to free up buffer space Oper Status Current operational state of the interface The Testing state indicate...

Страница 91: ...e Prefix IP address mask of your network that is originating or being the target of the traffic anomaly Click to open a tab with data specific to the IP block or address IP Group IP group of the prefi...

Страница 92: ...und packets second on Y axis and outbound packets second on Y axis Bits Inbound bits second on Y axis and outbound bits second on Y axis Applications Sensor can collect application specific distributi...

Страница 93: ...ed dimension or enter a custom one in a X x Y format where X and Y are the X axis and Y axis pixels Graphs Title Graphs can have an automatically generated title for the Auto option no title for the N...

Страница 94: ...ons IPv4 or IPv6 Available when the Top Generator parameter from the Sensor configuration is set to Basic Decoder Select the decoder that analyzes the type of traffic that interests you Direction Dire...

Страница 95: ...ct to generate a single graph for all selected Sensors Group ASNs Select to show a single graph for multiple AS numbers Country Graphs Flow Sensors and Packet Sensors can generate traffic and bandwidt...

Страница 96: ...Filter Graphs This sub tab allows you to view a variety of Filter related histograms for the selected Filter s Data Units Select one or more data units Most Used Frequently used data units Anomalies...

Страница 97: ...regation type If you are interested in average values choose the AVERAGE aggregation type If you are interested in low values choose the MINIMUM aggregation type Group Filters Select to generate a sin...

Страница 98: ...e dashboard configuration you can edit the name of the dashboard set permissions layout or choose to override the time frame of widgets with the time frame of the dashboard The dashboard contains widg...

Страница 99: ...ub tabs share the following common toolbar fields Sensor Select the Sensors you are interested in or select All to select all Sensors Administrators can restrict the Sensors accessible by guest accoun...

Страница 100: ...ecoder can be included in both TCP and HTTP thus generating a decoder conflict Check this option to stop detection of conflicting decoders in order to generate more intuitive but potentially inaccurat...

Страница 101: ...nd filter the flow data collected by the selected Flow Sensors for the selected IP block host or group The options are described in the Flow Collectors chapter on page 82 Flow Tops This sub tab is vis...

Страница 102: ...s Console Server Graphs Server Graphs allows you to generate various histograms for the selected server s Data Units Select one or more data units Most Used Frequently used data units System Load Load...

Страница 103: ...for the graph legend Consolidation If you are interested in spikes choose the MAXIMUM aggregation type If you are interested in average values choose the AVERAGE aggregation type If you are intereste...

Страница 104: ...32 C 8192 255 255 224 000 18 64 C 16384 255 255 192 000 17 128 C 32768 255 255 128 000 16 256 C 1 B 65536 255 255 000 000 15 512 C 2 B 131072 255 254 000 000 14 1024 C 4 B 262144 255 252 000 000 13 2...

Страница 105: ...te cache flow For example interface FastEthernet0 ip route cache flow interface Serial2 1 ip route cache flow It is necessary to enable NetFlow on all interfaces through which traffic you are interest...

Страница 106: ...enable set mls nde version 5 The following command is required to set up flow mask to full flows switch enable set mls flow full The following commands break up flows into shorter segments 1 minute f...

Страница 107: ...evice but instead of command ip route cache flow use command ip route cache flow infer fields This series requires a Supervisor IV with a NetFlow Services daughter card to support NDE Configuring NDE...

Страница 108: ...ata Export interfaces ge 0 1 0 unit 0 family inet filter input all output all address 192 168 1 1 24 firewall filter all term all then sample accept forwarding options sampling input family inet rate...

Страница 109: ...rigger After an attack is detected Sensor signals the IBR Internet Border Router via BGP that all traffic destined to IPv4 Victim has to be dropped In more details Sensor advertises via BGP an IPv4 Vi...

Страница 110: ...mat r7500 config ip community list Wanguard Sensor community name permit BH community e g 65000 66 r7500 config route map Wanguard Filter in permit 10 r7500 config route map match community Wanguard S...

Страница 111: ...y which sets a higher priority on black hole route e g set Local Preference at 200 for BH route The direction and place where BGP routing policy has to be implemented are strongly dependent on What ro...

Страница 112: ...rations is for informational purposes only Please refer to the appropriate router user guides for more detailed and up to date information Understanding the Traffic Diversion Method The method relies...

Страница 113: ...that is usually the next hop to the destinations according to the routing table on the Divert from router before traffic diversion is activated Figure 1 Logical Diagram for an Enterprise Network how t...

Страница 114: ...efixes with well known community no advertise this would prevent redirect prefixes announcements to be propagated to other peers through BGP The no export community might be used in case redirect pref...

Страница 115: ...hown in the following example Please note that you can use the prefix list route map or distribute list method for filtering outgoing routing information about the router To have a uniform approach th...

Страница 116: ...nstead of Quagga BGPd if you need FlowSpec ExaBGP is still under heavy development at the time of writing and some essential features are only available on the latest version 4 0 branch On Debian Ubun...

Страница 117: ...7200 config route map match community Wanguard Filter community name exact r7200 config route map exit r7200 config route map Wanguard Filter out deny 10 r7200 config route map exit r7200 config route...

Страница 118: ...lter in in no synchronization ip bgp community new format ip community list expanded Wanguard Filter permit no advertise ip community list expanded Wanguard Filter permit Wanguard Filter community rou...

Страница 119: ...be identified depending on the existing network setup and which device may have the role of Divert from Inject to and Next hop router 1 Layer 2 Forwarding Method 2 Layer 3 Forwarding Method Layer 2 F...

Страница 120: ...a the Inject to Next hop routers Warning Any special L2 configuration on Filter interface e g bonding VLAN tagging etc will impact scrubbing forwarding performance of Filter while hardware optimizatio...

Страница 121: ...ter cleans the traffic and returns the cleaned traffic to the same router Inject to Divert from The Inject to router has the redirect route 32 in its routing table and will send back the clean traffic...

Страница 122: ...rs exist then the following have to be considered too multiple GRE tunnels have to be deployed and static routes at Filter level have to be considered or multiple entries on PBR matching each zone dep...

Страница 123: ...map set ip next hop C C C C where C C C C is the IP of Next hop router which is direct connected to Divert from router r7200 config route map exit r7200 config interface GigabitEthernet 0 0 r7200 con...

Страница 124: ...e RT e g 65000 100 and also inside RT e g 65000 200 export routes with outside RT excepting the redirect diversion routes on VRF inside import the routes having inside RT and specific routes having ou...

Страница 125: ...00 config r7200 config interface to Upstream Provider r7200 config if ip vrf forwarding Outside Warning This will remove IP address from interface IP address has to be reconfigured again r7200 config...

Страница 126: ...7200 config router af no synchronization r7200 config router af redistribute connected r7200 config router af redistribute other IGP static if needed r7200 config router af exit address family r7200 c...

Страница 127: ...the logical combination of other Conditional Parameters New Response actions Send a visual or audio notification to all logged in Console users Send a custom SNMP Trap Apply the filtering rule on a th...

Страница 128: ...ilter Configuration window A new FW Policy field on Whitelist rules that explicitly permits traffic through the Software Firewall Configuration General Settings Anomaly Detection contains a new option...

Страница 129: ...rts and Configuration side regions can be set apart by user preference e g one on the right and one on the left New Ctrl R keyboard shortcut toggles side regions Configuration General Settings Data Re...

Страница 130: ...iguration Schedulers items can be activated inactivated with a single right click Configuration General Settings License Manager Requirements lists all the required licensing data Various aesthetic im...

Страница 131: ...cement Archive displays BGP Connector Role Filter The Filter renamed Packet Filter A new Flow Filter able to detect attackers from flow data analyzed by a Flow Sensor A new Filter Cluster able to clus...

Результаты поиска

Содержание wanguard 6.2

Отзывы:

Похожие инструкции для wanguard 6.2

Бренды по названию

Популярные бренды

Andrisoft wanguard 6.2, Руководство пользователя

Результаты поиска

Содержание wanguard 6.2

Отзывы:

Похожие инструкции для wanguard 6.2

Бренды по названию

Популярные бренды