data leakage, 261
direct usage with IP rules, 253
enabling, 253
extended logging, 260
license expiry behavior, 264
managing filters, 263
maximum unclassified setting, 258
memory optimization setting, 876
risk guidelines, 263
selecting all signatures, 263
selecting BitTorrent with uTP, 258
signature inheritance, 263
Strict HTTP setting, 258
subscription expiry behavior, 883
the appcontrol command, 261
traffic shaping, 255, 780
application layer gateway (see ALG)
ARP, 221
advanced settings, 226
ARP object properties, 224
cache, 221
gratuitous, 296
host monitoring source IP, 300
proxy, 302
publish, 223
publish LDAP source IP, 618
static mode objects, 224
xpublish vs publish mode, 224
ARP authentication, 633
ARP Broadcast setting, 226
ARP Cache Size setting, 222
ARP Expire setting, 222
ARP Expire Unknown setting, 222
ARP Hash Size setting, 223
ARP Hash Size VLAN setting, 223
ARP Match Ethernet Sender setting, 227
ARP Multicast setting, 226
ARP poll interval setting, 301
ARP Query No Sender setting, 227
authentication, 608
administrators group, 612
agent, 624
ARP authentication, 633
auditors group, 612
brute force protection, 630
customizing HTML pages, 635
databases, 610
HTTP, 627
identity awareness agent, 644
IP allocation using RADIUS, 615
local user database, 610
MAC address duplicate problem, 634
multi factor (2-factor), 650
rules, 624
setup summary, 610
source, 625
specifying group membership, 611
SSH client key usage, 613
user identity awareness, 641
using IP address objects, 612, 639
using LDAP, 616
using RADIUS, 614
with RADIUS for management, 67
XAuth, 624
Auto Add Multicast Route setting, 374
autonomous system (see OSPF)
Auto Save Interval (DHCP) setting, 407
Auto Save Policy (DHCP) setting, 407
auto-update, 136
B
backing up configurations, 136
bandwidth guarantees, 787
banner files
for web authentication, 635
for web content filtering, 521
parameters, 521, 636
storage folder, 65
blacklisting
hosts and networks, 571
URLs, 429
wildcarding, 505
with IDP, 559
with threshold rules, 804
with URL filtering, 504
Block 0000 Src setting, 850
Block 0 Net setting, 850
Block 127 Net setting, 850
blocking applications with IDP, 552
Block Multicast Src setting, 850
boot menu, 34, 66
BOOTP, 404
BPDU relaying, 388
broadcast packet forwarding, 304
brute force protection (see authentication)
C
CAM Size setting, 390
CAM To L3 Cache Dest Learning setting, 390
CA servers
access, 277
client access, 278
disabling validation, 279
private server placement, 279
certificates, 268
associating with IPsec tunnels, 274
CA authority, 271
certificate chains, 271
certificate requests, 279
certificate revocation list (CRL), 269
chains with IPsec, 711
configuration object creation, 270
CRL distribution point lists, 275
graphical interface uploading, 274
ID lists, 697
intermediate, 271
reusing root certificates, 273
revocation list (CRL), 272
SCP uploading, 273
self-signed, 270, 673
self-signed with IPsec, 711
storage folder, 65
the certificate cache, 272
uploading, 273
validity, 271
VPN troubleshooting, 763
with IPsec LAN-to-LAN, 673
with IPsec roaming clients, 677
chains (in traffic shaping), 777
CLI, 34, 46
appending property values, 49
case sensitivity, 47
changing admin password, 54
command history, 48
Alphabetical Index
902
Содержание NetDefendOS
Страница 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Страница 32: ...Chapter 1 NetDefendOS Overview 32 ...
Страница 144: ...Chapter 2 Management and Maintenance 144 ...
Страница 220: ... Enable DHCP passthrough Enable L2 passthrough for non IP protocols 4 Click OK Chapter 3 Fundamentals 220 ...
Страница 267: ... SourceNetwork lannet DestinationInterface any DestinationNetwork all nets 4 Click OK Chapter 3 Fundamentals 267 ...
Страница 284: ...Chapter 3 Fundamentals 284 ...
Страница 360: ...The ospf command options are fully described in the separate NetDefendOS CLI Reference Guide Chapter 4 Routing 360 ...
Страница 392: ...Chapter 4 Routing 392 ...
Страница 396: ...Web Interface 1 Go to Network Ethernet If1 2 Select Enable DHCP 3 Click OK Chapter 5 DHCP Services 396 ...
Страница 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Страница 420: ...Chapter 5 DHCP Services 420 ...
Страница 424: ...2 Now enter Name lan_Access Action Expect Interface lan Network lannet 3 Click OK Chapter 6 Security Mechanisms 424 ...
Страница 573: ...Chapter 6 Security Mechanisms 573 ...
Страница 575: ...This section describes and provides examples of configuring NAT and SAT rules Chapter 7 Address Translation 575 ...
Страница 607: ...Chapter 7 Address Translation 607 ...
Страница 666: ...Chapter 8 User Authentication 666 ...
Страница 775: ...Chapter 9 VPN 775 ...
Страница 819: ...Chapter 10 Traffic Management 819 ...
Страница 842: ...Chapter 11 High Availability 842 ...
Страница 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Страница 879: ...Chapter 13 Advanced Settings 879 ...