Novell ZENworks Endpoint Security Management 3.5 Manual De Usuario
ZENworks® ESM 3.5
Administrator’s Manual
124
Additional ports and lists may be added to the firewall settings, and given unique
behaviors which will override the default setting.
behaviors which will override the default setting.
Example: The default behavior for all ports is set as All Stateful. The ports lists for
Streaming Media and Web Browsing are added to the firewall setting. The Streaming
Media port behavior is set as Closed, and the Web Browsing port behavior is set as Open.
Network traffic through TCP Ports 7070, 554, 1755, and 8000 would be blocked. Network
traffic through ports 80 and 443 would be open and visible on the network. All other ports
would operate in Stateful mode, requiring the traffic through them be solicited first.
Streaming Media and Web Browsing are added to the firewall setting. The Streaming
Media port behavior is set as Closed, and the Web Browsing port behavior is set as Open.
Network traffic through TCP Ports 7070, 554, 1755, and 8000 would be blocked. Network
traffic through ports 80 and 443 would be open and visible on the network. All other ports
would operate in Stateful mode, requiring the traffic through them be solicited first.
Step 4: Select whether to display this firewall in the ZSC menu (if unchecked, the user will not see
this firewall setting)
Step 5: Click Save. Repeat the above steps to create another firewall setting
To associate an existing firewall setting:
Step 1: Select Firewall Settings in the components tree and click the Associate Component button
Step 2: Select the desired firewall setting(s) from the list
Step 3: The default behavior setting may be re-defined
Note:
Changing the settings in a shared component will affect ALL OTHER instances of this same component.
Use the Show Usage command to view all other policies associated with this component.
Use the Show Usage command to view all other policies associated with this component.
Step 4: Click Save
Multiple firewall settings can be included within a single location. One is defined as the default
setting, with the remaining settings available as options for the user to switch to. Having multiple
settings are useful when a user may normally need certain security restrictions within a network
environment and occasionally needs those restrictions either lifted or increased for a short period
of time, for specific types of networking (i.e., ICMP Broadcasts).
setting, with the remaining settings available as options for the user to switch to. Having multiple
settings are useful when a user may normally need certain security restrictions within a network
environment and occasionally needs those restrictions either lifted or increased for a short period
of time, for specific types of networking (i.e., ICMP Broadcasts).
Three firewall settings are included at installation, they are:
•
All Adaptive - This firewall setting sets all networking ports as stateful (all unsolic-
ited inbound network traffic is blocked. All outbound network traffic is allowed), ARP
and 802.1x packets are permitted, and all network applications are permitted a net-
work connection, all.
ited inbound network traffic is blocked. All outbound network traffic is allowed), ARP
and 802.1x packets are permitted, and all network applications are permitted a net-
work connection, all.
•
All Open - This firewall setting sets all networking ports as open (all network traffic is
allowed), all packet types are permitted. All network applications are permitted a net-
work connection
allowed), all packet types are permitted. All network applications are permitted a net-
work connection
•
All Closed - This firewall setting closes all networking ports, and restricts all packet
types.
types.
A new location will have the single firewall setting, All Open, set as the default. To set a different
firewall setting as the default, right click the desired Firewall Setting and choose Set as Default.
firewall setting as the default, right click the desired Firewall Setting and choose Set as Default.