Operating Manual PCOM sec br2
| 28
A rule is deemed to be unambiguous if the following properties have been configured:
– IP address of the device in the unprotected network
– Port number of the device in the unprotected network
– IP address of the PSS 4000 device in the protected network
– Port number of the PSS 4000 device in the protected network
Ambiguous rules are permitted if the IP address and port number of a device in the un-
protected network are unknown.
Potential problems with ambiguous rules:
– One rule defines many connections
– One rule opens undesired access to the PSS 4000 device in the protected network
For further information see Online help.
Access rules for Generic Devices
The rules allow administrative communication with the Generic Device via VPN tunnel and/
or data communication between a device in the unprotected network and the Generic
Device in the protected network. A maximum of 25 rules (administrative rules and forward-
ing rules) can be defined per device.
Administrative access rules
The system allows the definition of administrative access rules for Generic Devices. These
rules are used to allow administrative access to a Generic Device via the VPN tunnel. An
administrative access rule is always linked to a Generic Device. The source or destination
IP address of the data traffic (depending on the direction) is always determined by the IP
address of the Generic Device.
Forwarding rules
The rules monitor traffic between a device on an unprotected network and a Generic
Device on a protected network. The following protocols are supported for the forwarding
For further information see Online help.
Manage certificates
The SecurityBridge uses X.509 certificates to secure communication between the VPN cli-
ent and the SecurityBridge, plus the user interface.
By default the system uses a self signed CA certificate to sign the server certificate. The
certificates are automatically generated by the SecurityBridge.