Billion BiGuard S10 Скачать руководство пользователя

Страница: 119 / 182

Firewall

109

6. Click

Create

7. Type a descriptive name for this filter, select

LAN to WAN

from the

Packet Flow

drop-

down list and check the

Reverse Direction

box.

8. Select

HTTP

from the

Service

drop-down list, and select the newly created address

from the

To Address

drop-down list.

9. Click

Apply

. The new filter appears in the

Packet Filtering Parameters

list.

From here, you can click

Edit

to change filter parameters or click

Delete

to remove the filter

from the list.

Содержание BiGuard S10

Страница 1: ...Administration Guide Administration Guide Version Release v101_08302006...

Страница 2: ......

Страница 3: ...s device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any interference received includ...

Страница 4: ...a where it can be stepped on DO NOT use the BiGuard S10 in environments with high humidity or high temperatures DO NOT use the same power source for the BiGuard S10 as other equipment DO NOT use the B...

Страница 5: ...N Applications 10 Network Extender 10 Transport Extender 10 Network Places 11 Application Proxy 11 SSL VPN Features 11 Granular Access Control 12 SSL VPN Certification 13 SSL VPN Portals 14 Authentica...

Страница 6: ...s 55 Configuring Ethernet MAC Filtering 56 Configuring Content Filtering policies 57 Configuring the System 59 Setting the Time Zone 59 Enabling Remote Access 60 Upgrading the BiGuard S10 Firmware 60...

Страница 7: ...IP network address 95 Hardware problems 96 LAN interface problems 97 Disabling pop up windows 98 JavaScripts 98 Java permissions 99 WAN interface problems 99 Internet service provider problems 100 Re...

Страница 8: ...ce DoS Attack 163 Why Use a Firewall 164 Specifications SSL VPN 165 Access Connection 165 Application Management 165 Compatible Web Browsers 165 Security 165 Firewall Content Filter 166 Web Based Mana...

Страница 9: ...en overview 21 FIGURE 19 Monitoring Status screen items 25 FIGURE 20 Device Management screen 27 FIGURE 21 Time Zone screen 28 FIGURE 22 Ethernet screen 29 FIGURE 23 DHCP status screen 29 FIGURE 24 Ma...

Страница 10: ...4 Configuring Content Filtering Policies 57 FIGURE 65 Creating a Content Filtering Profile 58 FIGURE 66 Adding an IP Exception 59 FIGURE 67 Setting the Time Zone 59 FIGURE 68 Enabling Remote Access 60...

Страница 11: ...SSL Certificate current certificates screen 79 FIGURE 96 SSL Certificate generate certificate screen 79 FIGURE 97 Downloading the CSR 80 FIGURE 98 Signing a certificate 81 FIGURE 99 Opening the CSR 8...

Страница 12: ...describes how to install and operate the BiGuard S10 Please read this manual before you install the product This manual includes the following topics Product description features and specifications Ha...

Страница 13: ...ng items are in the package NOTE IF ANY ITEM IS MISSING OR APPEARS DAMAGED REPACK THE BiGuard S10 AND RETURN IT TO YOUR RESELLER Warranty Card Power adapter Warranty card x 1 Mounting brackets x 2 BiG...

Страница 14: ...g Device is in use 3 WAN 10 100 LED Green Connected at 100 Mbps Off Connected at 10 Mbps 4 LINK ACT LED On Corresponding port on rear is connected Blinking Data is being transmitted or received 5 LAN...

Страница 15: ...on one side of the BiGuard S10 and secure it with the bracket screws 2 Repeat step 1 to attach the other bracket 3 After attaching both mounting brackets position the BiGuard S10 in the rack by linin...

Страница 16: ...WAN port on the BiGuard S10 connect the other end to an ADSL modem cable modem or another router FIGURE 2 CONNECTING THE BIGUARD S10 TO A WAN Connecting to a LAN Connect switches hubs and servers to...

Страница 17: ...electrical outlet FIGURE 4 CONNECTING THE POWER ADAPTER Turning on the power and checking LED status Press the power switch on the rear of the BiGuard S10 The LEDs all blink once The LEDs blink in seq...

Страница 18: ...deployment examples SSL VPN Appli cations and SSL VPN Features for the use of the BiGuard S10 for easy integration of the BiGuard S10 into your existing network Network environment scenarios The follo...

Страница 19: ...behind an existing firewall router The following illustration demonstrates how the BiGuard S10 can be connected to the DMZ zone of an existing firewall router to provide secure remote access to the s...

Страница 20: ...N The BiGuard S10 above is configured to support secure remote access firewall and internet access functionality Public servers are placed on DMZ zone while private servers for secure remote access ar...

Страница 21: ...e network resources in the form of Network Extender This functionality allows employees and trusted individuals to easily and securely connect to a corpo rate network over SSL VPN FIGURE 9 NETWORK EXT...

Страница 22: ...FIGURE 11 NETWORK PLACES Application Proxy Application Proxy supports most commonly used applications through a web based interface Supported applications include VNC Virtual Network Control RDP5 Term...

Страница 23: ...ess control remote users are granted different privileges and allowed only access to specific applications FIGURE 13 GRANULAR ACCESS CONTROL Remote User 3 Unauthorized User Remote User 2 Remote User 1...

Страница 24: ...om the Certificate Authority CA For the strongest possible SSL encryption we recommend only trusted Certificate Authorities to secure network traffic and the strongest SSL encryption Remember to impor...

Страница 25: ...ill be providing remote access through the SSL VPN such as Application Proxy Network Places Network Extender and Transport Extender will be presented to them through the portal The components presente...

Страница 26: ...server FIGURE 16 AUTHENTICATION DOMAINS LOCAL USER DATABASE The BiGuard S10 provides not only local authentication but provides clientless identity based security and flexible centralized management t...

Страница 27: ...k WAN requests from IP addresses that the router determines are unauthorized WAN settings The BiGuard S10 enables connection to an ISP using a static IP address PPPoE protocol or by automatically obta...

Страница 28: ...N managing the Transporter Extender application and host names managing SSL certifications and creating system logs You can also enable remote access upgrade the firmware and back up and restore confi...

Страница 29: ...18 Administration Guide 2 Click View Certificate You are prompted to install a certificate 3 Click Install Certificate The Certificate Import Wizard appears...

Страница 30: ...9 4 Click Next You are prompted to choose the certificate location 5 Select Automatically select the certificate store based on the type of certificate and click Next The wizard completes the installa...

Страница 31: ...ty Alert screen 9 Click Yes to continue The login screen appears 10 Type the default user name and password User Name admin Password admin Then click Login The Web Manager opens on the Status menu See...

Страница 32: ...FIG to save the configuration to the flash memory without restarting WARNING NOT CLEARING THE IP ADDRESS OF THE BIGUARD S10 FROM BROWSER HISTORY IS A POTENTIAL SECURITY THREAT IF YOU HAVE ENABLED REMO...

Страница 33: ...ing to configure the connection 1 Click Quick Start in the Menu bar 2 Click WAN The Quick Start WAN screen appears 3 Select Static IP from the Protocol drop down menu 4 Type the IP address in the IP A...

Страница 34: ...idle timeout period 8 Check Obtain DNS Automatically if your ISP provides this with the assigned IP Other wise enter the Primary and Secondary DNS provided by your ISP 9 Click Apply to confirm the set...

Страница 35: ...ss Groups Network Objects on page 45 3 Type a user name in the User Name field 4 Type and confirm a password in the Password and Retype Password fields 5 Enable access services for the account Network...

Страница 36: ...wing system and SSL VPN status Status submenus Click Status in the Menu bar to open the Status main screen FIGURE 19 MONITORING STATUS SCREEN ITEMS Registration Click to open a web page on Billion s B...

Страница 37: ...lays the manufacturer s website Active Users Displays the number of active users who are logged on through the SSL VPN Portal including the administrator 1 IP Address Displays the IP address for the L...

Страница 38: ...e this item to distinguish the servers Device Name Type a descriptive name for this device to distinguish it from other gateway devices on the network Embedded Web Server Type the port number for HTTP...

Страница 39: ...elds are unavailable Local Time Zone GMT Time Click the drop down arrow to choose the time zone for your location SNTP Server IP Address Four SNTP time synchronization server addresses are defined by...

Страница 40: ...he current settings FIGURE 23 DHCP STATUS SCREEN The BiGuard S10 is enabled to act as a DHCP server for your network Disable this function if the stations that connect to the BiGuard S10 LAN ports use...

Страница 41: ...DHCP start end IP range The default start end IP range is 192 168 1 100 to 192 168 1 199 FIGURE 24 MAPPING MAC ADDRESS TO FIXED IP ADDRESS SCREEN Refer to the following to map a MAC address to a fixe...

Страница 42: ...you want to map from the list The MAC address for the computer you select is added to the MAC Address field 9 In the IP Address field type an IP address that is outside the DHCP start end IP range Th...

Страница 43: ...GURE 26 ARP TABLE SCREEN Name Displays the name of the user Group Displays the Group name that the user belongs to From IP address Displays the IP address of the user Login Time Displays the time the...

Страница 44: ...the DHCP functionality of the BiGuard S10 FIGURE 28 DHCP TABLE SCREEN Destination Displays the IP address of the destination network Subnet Mask Displays the destination netmask address Gateway Interf...

Страница 45: ...SYSTEM LOG SCREEN NOTE YOU CAN MODIFY PARAMETERS FOR THE INFORMATION THAT IS SAVED TO THE LOG SEE Log and E mail Alerts ON PAGE 92 right click here To save the log right click where indicated and then...

Страница 46: ...RE 30 SSL VPN LOG SCREEN NOTE YOU CAN MODIFY PARAMETERS FOR THE INFORMATION THAT IS SAVED TO THE LOG SEE Log and E mail Alerts ON PAGE 92 right click here To save the log right click where indicated a...

Страница 47: ...nd restoring configura tions setting the log on password and restarting the system Finally you configure advanced features including setting up static routing enabling DDNS and SNMP configuring the fi...

Страница 48: ...ubnet Definitions screen displays current settings These items are display only To change these settings click Next DHCP Server Mode Choose Disable if IP addresses are assigned manually to stations on...

Страница 49: ...ase Time Type the number of seconds from 1 to 999999999 you want for the default lease time This is the time that the router can use an IP address assigned by the DHCP server Maximum Lease Time Type t...

Страница 50: ...isplays the current protocol Click the drop down arrow to change the protocol Mode There are two modes for the connection NAT Network Address Transla tion and Router NAT converts private IP addresses...

Страница 51: ...nnection Connection options are Always On and Connect on Demand If you select Connect on Demand the following field Idle Timeout is available If your ISP charges a fee for connection time select Conne...

Страница 52: ...NAT to add an extra layer of security when user on the internal network need to access the Internet Select Router for an internal network IP Address Type the IP address that your ISP provided Subnet...

Страница 53: ...more public IP addresses for the Internet Select NAT to add an extra layer of security when user on the internal network need to access the Internet Select Router for an internal network MAC Address S...

Страница 54: ...d an untrusted external network such as the Internet The DMZ is a subnet that is located between firewalls or off one leg of a firewall Click the DMZ drop down menu to select Disable or Transparent Wh...

Страница 55: ...c tive drop down menu Click Network Object to display the Network Object menu items Configuring IP address Network Objects Click Address to display the Address screen FIGURE 39 CONFIGURING NETWORK OBJ...

Страница 56: ...u these two fields are displayed IP Address Start type the beginning IP address or click Candi dates to select the starting range from one of the active PCs that are listed on the LAN IP Address End t...

Страница 57: ...sfer control protocol transmission UDP services involving user datagram protocol transmission ICMP services involving internet control message protocol trans mission This option does not require you t...

Страница 58: ...settings Service Group Name Type the name that you want this service group Network Object to have Available Services Displays the list of available services which you can add to this group Select the...

Страница 59: ...ion or rule to be activated Schedules are used for many Policy functions Click Create to create a new schedule FIGURE 47 CREATING A NEW SCHEDULE NETWORK OBJECT Name Type the name of the schedule Netwo...

Страница 60: ...r the downstream bandwidth in the text boxes in kilobits per second Guaranteed type a value that defines the lower limit for down stream bandwidth Maximum type a value that defines the upper limit for...

Страница 61: ...PROFILES Keyword filters prohibit users from accessing Web sites that contain words specified in these profiles Click Create to add a new Network Object profile FIGURE 51 ADDING A KEYWORD FILTER NETW...

Страница 62: ...his profile Domain Type the domain to be added to the forbidden or trusted domain lists Type Select the domain type from the drop down menu Forbidden Domain users will not be allowed access to Web sit...

Страница 63: ...to prohibit browser features that constitute a security threat such as cookies Java applets and ActiveX scripts from being used Click Create to add a new Network Object profile FIGURE 55 RESTRICTING...

Страница 64: ...CKET FILTERING PROFILE Name Type the name for this profile Active Check Enable to make this profile active Packet Flow Select the packet flow direction from the drop down menu LAN to WAN filters packe...

Страница 65: ...to from the drop down menu Schedule Select the schedule for when you want this profile to be applicable Log Check Enable to have the system create a log file when this filter is run Name Type the name...

Страница 66: ...width to function properly QoS can ensure that this bandwidth is provided Click Create to add a new QoS profile FIGURE 61 ADDING A QOS PROFILE External Service Port s Check Redirect to Service if you...

Страница 67: ...affic based on the DSCP markings DSCP markings are used to decide how packets should be treated and is a useful tool to give precedence to varying types of data in QoS scenarios Select an option from...

Страница 68: ...tent Blocking You can also create an IP address exception list which allows specified IP addresses to be accessed Name Type a name for the Ethernet MAC filter Active Check Enable to activate the filte...

Страница 69: ...d Filter Network Objects on page 50 Domains Filtering Check Enable to activate domain filtering and select a Domain Filtering profile from the drop down menu See Creating Domain Filter Network Objects...

Страница 70: ...u to set the time zone configure remote access set up passwords upgrade the BiGuard S10 firmware backup and restore configuration profiles and restart the system Setting the Time Zone Click Time Zone...

Страница 71: ...the BiGuard S10 to automatically adjust for day light saving time Resync Period Type the number of minutes that will elapse before the BiGuard S10 adjusts the time Remote Access Control Select the rem...

Страница 72: ...onfigurations or select only certain objects to your computer Next click the Backup to save your configuration FIGURE 70 BACKING UP AND RESTORING CONFIGURATIONS To restore configurations click the Bro...

Страница 73: ...configuration click Browse and go to the location of the configuration file Click Restore to begin restoring the configuration FIGURE 72 RESTORING A CONFIGURATION Wait for the router to restart befor...

Страница 74: ...irm and click Apply to save the new password Restarting the system Click Restart to view the Restart screen FIGURE 74 RESTARTING THE SYSTEM You can restart the system using the following options Save...

Страница 75: ...device settings Creating Static Routes Click Static Route to view the Static Routing List FIGURE 75 THE STATIC ROUTING LIST Click Create to add a new static route to the list FIGURE 76 ADDING A STATI...

Страница 76: ...PORTS SEVERAL DYNAMIC DNS PROVIDERS Dynamic DNS Server Select a DDNS server from the drop down menu Wildcard Click Enable to allow the DDNS wildcard The Wildcard Alias enables you to point a URL yourd...

Страница 77: ...name of the read community and the IP address associated with it Write Community type the name of the write community and the IP address associated with it Trap Community type the name of the trap com...

Страница 78: ...vice Parameters Click Device Management to change device parameters FIGURE 82 CHANGING PARAMETERS Intrusion Detection Click Enable to activate intrusion detection Block WAN Request Click Enable to act...

Страница 79: ...Portal Layout The Portal Layout is provided to create a personalized layout including portal banner and the default greeting text string To use the Portal Layout features click on Portal Layout under...

Страница 80: ...hentication for PPP connec tions between a Windows based computer and an Access Point or other network access device RADIUS MSCHAPV2 MSCHAPV2 Microsoft Challenge Handshake Authentication Protocol is M...

Страница 81: ...database Local Database stores the user s data in the BiGuard S10 for the users that do not have any Authentication Domain in their environment NOTE RADIUS REMOTE AUTHENTICATION DIAL IN USER SERVICE I...

Страница 82: ...ssigned and whether group is the domain s default group To edit a current group click Edit To create a new group click Create CREATING A NEW GROUP Refer to the following to create a new group 1 In the...

Страница 83: ...ccess the server the VNC client is delivered through the user s Web browser as a Java client File Transfer Protocol FTP The FTP protocol is used to transfer files over a TCP IP network Internet Unix e...

Страница 84: ...ER LISTED APPLICATIONS All the other applications have the same screen field items Refer to the following to add any of the other listed applications 1 Type a name in the Application Name field 2 Sele...

Страница 85: ...admin account are managed from the Account screen FIGURE 88 ACCOUNT MANAGEMENT SCREEN The Account Table shows the account name and the group the user belongs to You can create and edit account from th...

Страница 86: ...ort Extender to log onto the SSL VPN See Installing the Transport Extender on page 5 Web Cache Cleaner When enabled the user s Web cache is cleared on log out from the SSL VPN This aids security as no...

Страница 87: ...om the Group drop down menu See Group Application on page 71 5 Type and confirm a password in the Password Retype Password fields 6 Type the time to log out inactive users in the Inactivity Timeout fi...

Страница 88: ...MENT SCREEN Type the new IP address range parameters and click Apply Creating client routes The Client Route item enables you to set routing rules for the Network Extender client connec tion For examp...

Страница 89: ...en lists the local server IP address and the TCP port number for applications that are configured for tunneling via Transport Extender To add an application for tunneling click Create FIGURE 92 ADDING...

Страница 90: ...ly Managing SSL Certification This section describes how to enable import and apply SSL certificates Importing a certificate Follow these instructions to import an SSL certificate 1 Click SSL Certific...

Страница 91: ...ong to City Locality Type your city State Full Name If in the US type the name of your State Country Type your two letter country code FQDN Domain Name Type the FQDN Fully Qualified Domain Name The FQ...

Страница 92: ...ENING THE CSR 8 Copy all of the CSR text and paste it in the appropriate field on the certificate provider s website and finish following the certificate provider s instructions for getting a certific...

Страница 93: ...cate is loaded and added to the Current Certificates list FIGURE 101 CURRENT CERTIFICATES 13 Now you must activate the imported certificate Click Input to input the password FIGURE 102 INPUTTING THE C...

Страница 94: ...with the simple click of a mouse Application Definition Network Extender Browser based plug in that simplifies clientless remote access deploy ments while delivering full network connectivity for any...

Страница 95: ...uctions to complete the connection SSH JAVA based plug in interface for the secure transfer of files Click on con nect and follow the on screen instructions Username and password is required for login...

Страница 96: ...ars in the task bar indicating that the Network Extender is active and the Connection Status screen appears Check Uninstall On Disconnect or Browser Exit to have the system uninstall the driver every...

Страница 97: ...ess applications that are on that network To create a Transport Extender connection follow the instructions below 1 Click the Transport Extender icon 2 The Transport Extender installs After setup is c...

Страница 98: ...ect the Transport Extender right click the Transport Extender icon and select an option from the menu Accessing Network Place Network Places enables you to access locations on the network to perform t...

Страница 99: ...unning in a graphical interface such as Windows FTP transfers can also be started from within a Web browser by entering the URL preceded with ftp Click Connect in the FTP application line The FTP Sess...

Страница 100: ...Configuring SSL VPN Parameters 89 Type your login name and press Enter to login to Telnet...

Страница 101: ...ernative Click SSH to view the login screen You are prompted for a user name and password which is provided to you by the network administrator USING WEB AND WEB SSL The Web and Web SSL Secure Sockets...

Страница 102: ...ll The RDP program file installs and the remote desktop appears From here you can control the remote system USING VNC Virtual Network Computing VNC is a desktop sharing system which uses the RFB Remot...

Страница 103: ...network activity information The information can then be written to a log sent to an external server or to a selected E mail address Log Configuration Click Log Configuration to open the Log Configur...

Страница 104: ...changes Enable reporting of configuration changes Packet Filter Enable packet filtering Note Packet filtering won t intercept packets that stay within the confines of the LAN MAC Filter The MAC Filte...

Страница 105: ...ation E mail Alert Enables a log of security related events to be sent to a specified e mail address When enabled the following fields are available Recipient s E mail Address Type the e mail account...

Страница 106: ...network must have a network IP address The IP address is either assigned manually a static IP address or it is assigned auto matically dynamic IP address by a DHCP router or server This is the same fo...

Страница 107: ...estab lished you should check the following Ensure each Ethernet cable connection is firmly connected at the firewall and at the hub or workstation Ensure that power is turned on to the connected hub...

Страница 108: ...iguration Interface Both date and time can be found under Configuration System Time Zone To synchronize the date and time open the status page on the Web Configuration Interface and click Sync now I h...

Страница 109: ...ups checkbox and click Apply to save your changes ENABLING POP UP BLOCKERS WITH EXCEPTIONS Follow these instructions to allow pop up blockers with the BiGuard S10 1 In Internet Explorer select Tools I...

Страница 110: ...you are using PPPoE or PPTP encapsulation you need a user name and password which is provided by your ISP Ensure that you have entered the correct Service Type User Name and Password Note that user na...

Страница 111: ...modem 4 When the modem has finished synchronizing with the ISP generally shown by LEDs on the modem turn on the power to your router If you still can t obtain an IP address Your ISP may require a log...

Страница 112: ...wser and enter the IP address 192 168 1 254 in the address bar You will see the recovery mode page 6 Follow the on screen instructions Troubleshooting sequence This section answers some common questio...

Страница 113: ...he default username and password of the BiGuard S10 Series ANSWER The default username and password for the BiGuard S10 Series is as follows Username admin Password admin QUESTION What s the factory d...

Страница 114: ...omputer is automatically assigned an IP address perform the following steps a Click Start and then select Run b Type cmd or command in the Run text box c A DOS window opens d In the DOS prompt type C...

Страница 115: ...properly ANSWER It is possible that the browser is referencing data stored in the cache Clear the offline browser data in the cache restart the browser and try again To clear the cache in Internet Ex...

Страница 116: ...e BiGuard S10 Series from the Internet ANSWER Make sure the Block WAN Request is disabled 1 Click Configuration Advanced Firewall 2 Next to Block WAN Request click the Disable radio button 3 Click App...

Страница 117: ...from getting direct access to a server that has company data The BiGuard S10 Series supports hardware DMZ To set up a DMZ for the BiGuard S10 Series follow these instructions 1 From the Configuration...

Страница 118: ...er you must add this address to the Address List Follow these instructions 1 Click Configuration Network Object Address The Address Table appears 2 Click Create 3 Type a descriptive name for this addr...

Страница 119: ...ck the Reverse Direction box 8 Select HTTP from the Service drop down list and select the newly created address from the To Address drop down list 9 Click Apply The new filter appears in the Packet Fi...

Страница 120: ...ent filters are supported Keyword Filtering Domain Filtering Restricted Features including Java Applet ActiveX Cookies Proxy and surf ing by IP Address QUESTION What is Keyword Filtering in Content fi...

Страница 121: ...ile 3 Type a descriptive name for the keyword filtering profile and type the keyword in the text boxes 4 Click Add The keyword is added to the Block WEB URLs list 5 Add more keywords to this filter by...

Страница 122: ...Create 9 Type a descriptive name for this content filtering profile and check Active to enable con tent filtering 10 In Keywords Filtering check Enable and select your new Keywords Filtering profile...

Страница 123: ...WER Domain filtering is a firewall function designed to block specific domain addresses see example below Example The user wants to block www sexpicture com from being accessed Follow these instructio...

Страница 124: ...type the domain name in this case www sexpicture com in the text boxes Select Forbidden Domain from the Type drop down list 4 Click Add The keyword is added to the Block WEB URLs list As described in...

Страница 125: ...the Domain text box and select Trusted Domain from the drop down list 6 Click Add The domain is added to the trusted domain list 7 Click Apply The new domain filters are listed From here you can Edit...

Страница 126: ...9 Click Create to add a new content filter policy 10 Type a descriptive name for this content filtering profile and check Active to enable con tent filtering 11 In Domains Filtering check Enable and...

Страница 127: ...the exception of specific URLs selected by the user Example To allow a user access to only the www billion com URL follow the two steps below Step 1 Designate the URL www billion com as a trusted doma...

Страница 128: ...e and needlessly consume network bandwidth Once this function is enabled malicious code cannot be executed unless the function is disabled Before you can restrict Java applets and JavaScript you must...

Страница 129: ...able and select the new profile from the drop down list 9 Click Apply The new content filter is added to the list From here you can Edit or Delete the filter You can also Move the filter which changes...

Страница 130: ...ction for Internet use To block the web proxy follow these instructions 1 Click Configuration Network Object Content Blocking Restrict URL Fea ture 2 Click Create to create a Restrict Filtering profil...

Страница 131: ...able and select the new profile from the drop down list 9 Click Apply The new content filter is added to the list From here you can Edit or Delete the filter You can also Move the filter which changes...

Страница 132: ...unction To block cookies follow these instructions 1 Click Configuration Network Object Content Blocking Restrict URL Fea ture 2 Click Create to create a Restrict Filtering profile 3 Type a descriptiv...

Страница 133: ...able and select the new profile from the drop down list 9 Click Apply The new content filter is added to the list From here you can Edit or Delete the filter You can also Move the filter which changes...

Страница 134: ...ssing the Internet See example below Example The IP address http 123 123 123 123 will be blocked if this option is enabled Follow these instructions 1 Click Configuration Network Object Content Blocki...

Страница 135: ...Click Create to create a new content filter 7 Type a descriptive name for this content filter and next to Active check Enable to acti vate this content filter 8 Next to Restrict Feature check Enable a...

Страница 136: ...he Content Filtering ANSWER Exception List is an option to exclude an IP address from content filtering policies See example below Example The user wants to place IP address 192 168 1 100 in the excep...

Страница 137: ...MAC addresses to be able to access the Internet except 00 11 11 11 11 11 1 Click Configuration Policy Ethernet MAC Filtering 2 Click Create to add an Ethernet MAC filter 3 Type a descriptive name for...

Страница 138: ...next to Active to activate the fil ter 4 From the Action drop down list select Forward 5 Type the MAC address in the text box or click Candidates and select and available MAC address from the list 6...

Страница 139: ...to be applied to all MAC addresses 11 Click Apply The new filter is added to the list QUESTION Why can t I ping the WAN IP address of the BiGuard S10 Series from the Internet ANSWER Make sure the Bloc...

Страница 140: ...n is enabled in the System Remote Access menu Click Apply to save the settings QUESTION What s the Auto log out timer ANSWER There is an inactivity timeout within the configuration pages The default v...

Страница 141: ...s but we do not recommend doing so as Internet service reliability varies between areas QUESTION I ve just upgraded the router firmware to the latest version but I found some of the buttons or pages d...

Страница 142: ...click OK SNMP QUESTION What type of SNMP MIBs are supported by the BiGuard S10 Series ANSWER The following MIBs are supported by the BiGuard S10 Series RFC1213 MIB II System group Interfaces group Add...

Страница 143: ...nnect to the BiGuard S10 Series ANSWER The following options on the browser need to be enabled for successful connec tion SSLv2 SSLv3 or TLS Cookies Pop ups for the site Java Javascript ActiveX QUESTI...

Страница 144: ...3 or SMTP Server Network Place Network Place provides remote users with a secure web inter face to Microsoft File Shares using the CIFS Common Internet File System or SMB Server Message Block protocol...

Страница 145: ...er network segment that can be reached by the BiGuard S10 Series The remote user communicates with the BiGuard S10 Series by HTTPS using an administrator predefined URL which is retrieved over HTTP by...

Страница 146: ...ase from the Application drop down list 5 Type the designated IP address in the IP Address text box 6 Click Apply The application is added to the list From here you can Edit or Delete the application...

Страница 147: ...list 11 Type a password in the text box and retype the password for confirmation 12 Check the Application Proxy Applications box in this case BiGuard FTP 13 Click Apply 14 Log out of the web configur...

Страница 148: ...Using Network Extender QUESTION How do I set up Network Extender ANSWER Use the following guide to set up Network Extender 1 Click Quick Start SSL VPN NOTE THE SINGLE SIGN ON SSO FEATURE CAN ONLY BE...

Страница 149: ...drop down list and click Next 3 Type the user name and the password Retype the password for confirmation 4 Ensure the Network Extender Service button is enabled 5 Click Apply 6 Log out and log in agai...

Страница 150: ...rop down message appears at the top of your browser prompting you to Install an ActiveX Control 8 Click Install ActiveX Control A Security Message is displayed 9 Click Install The installation begins...

Страница 151: ...ActiveX Control will not need to be installed when you log on again If the box is checked ActiveX will uninstall itself when you log off to prevent unautho rized access for example if a public domain...

Страница 152: ...192 168 1 210 192 168 1 230 by default is in the same subnet as your BiGuard S10 Series LAN network address 192 168 1 254 by default Alternatively if your client address is not the same as your BiGuar...

Страница 153: ...to assign the user to from the drop down list 5 Click the Transport Extender Service Enable button 6 Click Apply 7 Click SSL VPN Transport Extender Application 8 Click Create The Transport Extender pa...

Страница 154: ...to the BiGuard S10 as the remote user created The following screen is displayed 11 Click Transport Extender A drop down message appears at the top of your browser prompting you to Install an ActiveX...

Страница 155: ...A Security Message will be displayed 13 Click Install The Transport Extender installs After setup is complete an icon appears in the task bar indicating that the Network Extender is active and the fol...

Страница 156: ...u log on again If the box is checked ActiveX will uninstall itself when you log off to prevent unauthorized access for example if a public domain terminal was used to access Transport Extender Click D...

Страница 157: ...omplete domain name for a specific host on the Internet and consists of the host name and domain name for example www billion com Email Type your email address Password Type a password Ensure that you...

Страница 158: ...le to your computer and extract the files to a folder 5 Next you can sign a certificate for example from Verisign www verisign com 6 Follow the instructions from the web You will be prompted to input...

Страница 159: ...r will send you the certificate by email 9 Copy the certificate text and paste into a text editor Save the file as server crt 10 Zip the files server crt and server key into a file for example server...

Страница 160: ...ssword text box type the password that you created when generating the CSR 15 Click Apply The certificate is ready to be used 16 Click Enable to enable the certificate Registering the BiGuard S10 QUES...

Страница 161: ...ction describes how to configure an active directory server for use with the BiGuard S10 Configuring an Active Directory server Follow these instructions to configure an Active Directory server 3 Clic...

Страница 162: ...152 BIGUARD S10 FAQ The Welcome to the Configure Your Server Wizard screen opens 8 Click Next The Preliminary Screen opens...

Страница 163: ...Configuring an Active Directory server 153 9 Click Next The Server Role screen opens 10 Select Domain Controller Active Directory and then click Next The Summary of Selections screen appears...

Страница 164: ...154 BIGUARD S10 FAQ 11 Click Next The Welcome to the Active Directory Installation Wizard screen appears 12 Click Next The Operating System Compatibility screen appears...

Страница 165: ...Configuring an Active Directory server 155 13 Click Next The Domain Controller Type screen opens 14 Select Domain controller for a new domain and then click Next The Create New Domain screen appears...

Страница 166: ...156 BIGUARD S10 FAQ 15 Select Domain in a new forest and then click Next The New Domain Name screen opens 16 Enter a domain name and then click Next The NetBIOS Domain Name screen appears...

Страница 167: ...rver 157 17 Enter a domain NetBIOS name and then click Next The Database and Log Folders screen appears 18 Select the folders that will store the Active Directory database and log Then click Next The...

Страница 168: ...158 BIGUARD S10 FAQ 19 Enter a location for the SYSVOL folder and then click Next The DNS Registration Diagnostics screen appears...

Страница 169: ...creen appears 21 Select Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems 22 Click Next The Directory Services Restore Mode Administrator Password screen appears 2...

Страница 170: ...160 BIGUARD S10 FAQ 24 Click Next The Summary screen appears 25 Click Next The wizard will configure Active Directory automatically and will notify you when the configuration is complete...

Страница 171: ...an example the net masks for Class A B and C are 255 0 0 0 255 255 0 0 and 255 255 255 0 respectively Instead of dotted decimal notation the net mask can also be written in terms of the number of ones...

Страница 172: ...uires access from outside computers you can use port forwarding to accomplish this For information on how to configure port forwarding on BiGuard S10 refer to Configuring the Virtual Server on page 54...

Страница 173: ...ck or intrusion is detected the firewall can be configured to log the intru sion attempt and can also notify the administrator of the incident With this information the administrator can work with the...

Страница 174: ...twork A simple NAT router provides a basic level of protection by shielding your network from the outside Internet Still there are ways for more dedicated hackers to either obtain information about yo...

Страница 175: ...Shell SSH support Web based data HTTP HTTPS Granular User Policy Management Compatible Web Browsers Microsoft Internet Explorer 5 01 or newer versions Internet Explorer 6 0SP1 is strongly recommended...

Страница 176: ...ity of Service Control Support DiffServ approach Traffic prioritization and bandwidth management based on IP protocol port number and IP address Policy control based on IP address or MAC address Loggi...

Страница 177: ...configured to DMZ Power Switch Reset button Physical Specification Dimensions 19 x 6 54 x 1 65 482mm x 166mm x 42mm w bracket 250mm x 166mm x 33 8mm w o bracket Power Requirement Input 12V DC 1A Oper...

Страница 178: ...cally refers to an Internet site address DTIM DTIM Delivery Traffic Indication Message provides client stations with information on the next opportunity to monitor for broadcast or multicast messages...

Страница 179: ...etworks that serve users within specific geographical areas such as in a company building LANs are comprised of servers workstations a network operating system and communica tions links such as the ro...

Страница 180: ...achines that store programs and data The programs and data are shared by client machines workstations on the network SMTP SMTP Simple Mail Transfer Protocol is the standard Internet e mail pro tocol S...

Страница 181: ...rdwired net works Wireless LAN Wireless LANs WLANs are local area networks that use wireless com munications for transmitting data Transmissions are usually in the 2 4 GHz band WLAN devices do not nee...

Страница 182: ...specifically designated for that purpose by Billion The warranty does not extend to defects resulting from normal wear and tear nor does it extend to any deviating application relating to local regio...

Результаты поиска

Содержание BiGuard S10

Отзывы:

Похожие инструкции для BiGuard S10

Бренды по названию

Популярные бренды

Billion BiGuard S10, Руководство администратора

Результаты поиска

Содержание BiGuard S10

Отзывы:

Похожие инструкции для BiGuard S10

Бренды по названию

Популярные бренды