SonicWALL 4.5 User Manual

Enforced Client Product Guide
Using the Firewall Protection Service
Configuring policies for firewall protection
5
Specify a connection type 
The connection type defines the environment where client computers are used and determines 
which IP addresses and ports the firewall protection service allows to communicate with them. 
This option defines what the firewall protection service considers to be suspicious activity. The default setting is Untrusted.

Select from three connection environments:
Untrusted
  When the computer: Is connected directly to the Internet. For example: through a dial-up connection, a DSL line, or a cable modem; through any type of connection in a coffee shop, hotel, or airport.
  Then the firewall service: Blocks communications with all other computers, including those on the same subnet.

Trusted
  When the computer: Is connected indirectly to a network that is separated from the Internet by a hardware router or firewall. For example: in a home or office network.
  Then the firewall service: Allows communications with other computers on the same subnet, but blocks all other network communications.

Custom
  When the computer: Should communicate only through specific ports or with a specific range of IP addresses, or the computer is a server providing system services. You also need to configure additional options (see ).
  Then the firewall service: Allows communications only with the ports and IP addresses you specify, and blocks all other network communications.
To specify a connection type:
1. On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).
2. Click the Desktop Firewall tab, select a Connection Type, then click Save.
Configure a custom connection 
Configure a custom connection type to designate:
- Ports through which your computer can receive communications. This is required to set up your computer as a server that provides system services. Your computer will accept communications through any open port from any computer.
- IP addresses from which your computer can receive communications. This allows you to limit communications to specific IP addresses.

From the Firewall Custom Settings page, you can define exactly which communications the firewall protection service allows:
Caution
For client computers used in multiple environments, it is important to update the connection 
type whenever the working environment changes. For example, mobile users who connect to 
both secure (trusted) and unsecure (untrusted) networks must be able to change their setting 
accordingly. 
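The three connection types and the Caution above, modelled as an added example (this is not code from the product or the guide): it shows which unsolicited inbound connections each type accepts, and why a laptop left on Trusted is reachable by same-subnet peers on any network it joins. The function names, the sample addresses and port, and the reading of Custom as "open port or listed address" are assumptions based on the wording above.

```python
import ipaddress

def inbound_allowed(conn_type, local_if, remote_ip, port,
                    open_ports=(), allowed_nets=()):
    """Return True if the modelled policy accepts an inbound connection.

    conn_type    -- "untrusted", "trusted" or "custom" (the three types above)
    local_if     -- client address with prefix length, e.g. "10.20.0.15/24"
    open_ports   -- Custom only: ports opened for system services
    allowed_nets -- Custom only: permitted source ranges as CIDR strings
    """
    remote = ipaddress.ip_address(remote_ip)
    if conn_type == "untrusted":
        # Blocks all other computers, including those on the same subnet.
        return False
    if conn_type == "trusted":
        # Allows peers on the client's own subnet and nothing else.
        return remote in ipaddress.ip_interface(local_if).network
    if conn_type == "custom":
        # The guide states an open port accepts traffic from any computer,
        # so the address list does not narrow an opened port (assumed OR).
        if port in open_ports:
            return True
        return any(remote in ipaddress.ip_network(n) for n in allowed_nets)
    raise ValueError(f"unknown connection type: {conn_type!r}")

# Constructed sample data: the same laptop on two networks, each with one
# same-subnet peer that tries to connect to it.
SCENARIOS = [
    ("office",     "10.20.0.15/24",  "10.20.0.77"),
    ("hotel wifi", "172.16.5.40/22", "172.16.6.9"),
]

def exposure_report(conn_type, port=445, **custom):
    """Map each network name to whether the same-subnet peer gets through."""
    return {name: inbound_allowed(conn_type, iface, peer, port, **custom)
            for name, iface, peer in SCENARIOS}

if __name__ == "__main__":
    for ctype, custom in [("untrusted", {}), ("trusted", {}),
                          ("custom", {"allowed_nets": ["10.20.0.0/24"]}),
                          ("custom", {"open_ports": [445],
                                      "allowed_nets": ["10.20.0.0/24"]})]:
        print(ctype, custom, exposure_report(ctype, **custom))
```

The last case shows the practical consequence for servers: once a port is opened in a Custom policy, restricting source addresses in the same policy does not limit who can reach that port.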
Note: This feature does not affect Internet applications running on client computers. To configure Internet applications, see