WatchGuard Technologies FireboxTM System 4.6 User Manual
User Guide
51
Configuring services for authentication
Configuring services for authentication
One way to create effective user authentication environments is to restrict all
outgoing services to allow connections only from authenticated users.
outgoing services to allow connections only from authenticated users.
The following example applies to dynamically addressed (DHCP-based) networks.
1
Create a group on the Windows NT server that contains all the user accounts.
2
In the Policy Manager Services Arena, double-click the Outgoing or Proxy service
icon.
icon.
The Properties dialog box appears, displaying the Filter Rules tab.
3
Under Internal Hosts, click Add.
The Add Address dialog box appears.
4
Enter the group name you just created on the Windows NT server.
5
Configure the Outgoing From lists on services in the Services Arena according to
your security policy preferences.
your security policy preferences.
Modifying a service
After adding a service, some features and attributes can be changed while others
require that you delete the service and add it again. In general, you can modify any
property contained in the Properties dialog box. You must delete and add a new
service for any property set during the initial setup.
require that you delete the service and add it again. In general, you can modify any
property contained in the Properties dialog box. You must delete and add a new
service for any property set during the initial setup.
Properties that can be modified on an existing service include:
• Rule sets for incoming and outgoing traffic
• Logging and notification characteristics
Properties that require deleting the service and adding it back again include:
• Port configuration
• Client port setting
• Protocol
To modify service properties, see “Defining service properties” on page 49 and
“Customizing logging and notification by service or option” on page 76.
“Customizing logging and notification by service or option” on page 76.
To completely modify a service by deleting it and then adding it again, see “Deleting
a service” on page 51 and“Adding an existing service” on page 47.
a service” on page 51 and“Adding an existing service” on page 47.
Deleting a service
The Delete Service command deletes the selected service from the Services Arena.
When you remove a service and save the new configuration, the Firebox denies
incoming connections to the service and stops all but default logging from the service.
From Policy Manager, in the Services Arena:
When you remove a service and save the new configuration, the Firebox denies
incoming connections to the service and stops all but default logging from the service.
From Policy Manager, in the Services Arena:
1
Select the service to delete.