HP Firewall manual Subnet addresses, Address range configuration items

Page 72

Table 77 Address range configuration items

Item

Description

 

Required

 

Type a name for the address range.

 

Valid characters for the name: letters, digits, underscores (_), periods (.),

Name

slashes (/), and hyphens (-), where underscores can’t appear at the beginning

or end of the name.

 

 

IMPORTANT:

 

The name must be unique in the system. It cannot be the same as the name of an

 

existing host address, address range, subnet address, or IP address group.

 

Optional

 

Type some descriptive information for the address range.

Description

Valid characters for the description: letters, digits, blank spaces, colons (:),

 

 

underscores (_), commas (,), periods (.), exclamatory marks (!), and hyphens

 

(-), where underscores can’t appear at the beginning or end of the name.

 

 

 

Required

Address Range

Set the start IP address and end IP address of the address range.

 

The IP addresses must be in dotted decimal notation.

 

 

 

Required

 

Specify the IP addresses to be excluded from the address range.

Excluded Addresses

Input an IP address and click Add next to the text box to add the IP address

to the excluded IP addresses list. You can also select an IP address on the list

 

 

and click Delete to remove the IP address from the list.

 

The IP addresses must be in dotted decimal notation.

 

 

To delete address ranges, select them and click Delete on the address range management page. Return to IP address management functions.

Subnet addresses

From the navigation tree of the firewall management component, select IP Addresses under Security Policy Management. Click the Subnet Addresses tab to enter the subnet address management page, as shown in Figure 72. Table 78 describes the fields of the subnet address list.

Figure 72 Subnet address management page

Table 78 Fields of the subnet address list

Field

Description

Name

Name of the subnet address

 

 

68

Image 72
Contents HP A-IMC Firewall Manager Page Contents Page Introduction to HP A-IMC Firewall Manager What HP A-IMC Firewall Manager can doInstalling the firewall manager Registering the firewall managerUninstalling the firewall manager Register your licenseDevice management Operator management System configuration Device managementManaging devices Device managementFunction Description Device query optionOption Description Fields of the device listAdd a device Device configuration items Return to Device management functionsTelnet Password, Snmp Version, Community String for Reading, Device information Device software management Fields of the device software listDeploying software to devices Deploying software to devicesRequired Task Name Software backup result Return to Device software management functionsDevice config management Fields of the software backup result listBacking up configuration files Restoring a configuration fileFields of the device configuration management list Backing up configuration filesDevice configuration information management interface Fields of the configuration label list Running ConfigTab Description LabelCompare two configuration files Fields of the running configuration list Draft list Fields of the draft listConfiguration guide Managing batch importManaging device groups Device group list Adding a device groupDevice group management functions Fields of the device group listManaging events Device event listDevice event query options OptionDevice interface event list Fields of the device event listDevice interface event query options OptionDescriptionManaging device access templates Template listFields of the template list Return to Template management functionsAdd a template Template configuration items Adding a templateManaging the device software database Importing device software Device software database query optionFields of the device software database list Importing device softwareManaging deployment tasks Deployment task query optionFields of the deployment task list Operator management Managing operatorsUser levels and the rights User level RightsOperator list Adding an operatorOperator management functions Function Description Fields of the operator listOperator configuration items Managing operation logsChanging your login password Fields of the operation log listItemDescription System configuration Configuring system parameterConfiguring management ports Configuring the mail server Configure the mail server Mail server configuration itemsManaging filters Filter listFields of the filter list Filter listAdding a filter FieldDescriptionReturn to Filter management functions Managing Ldap servers Ldap server listLdap server list Adding an Ldap serverAdding an Ldap server Fields of the Ldap server listReturn to Ldap server management functions Managing log retention time Monitoring the disk spaceActual free disk space is lower than this value Managing subsystems Free disk space monitoringAdding a subsystem Subsystem information Fields of the subsystem listPage Attack events monitoring Snapshot of eventsSnapshot of events Event snapshot query options Fields in the event snapshot listsRecent events list Fields of the recent events listEvent analysis Device monitoringEvent overview Are under your management will appear in the drop-down list Event details Top 10 attack events contrast graphAttack event details Event details query options Report exporting management Fields of the attack event details listReport export file list Fields of the report export task listReport export task management functions Report export file listEvent auditing Adding a report export taskReturn to Report export task management functions Inter-zone access log auditing Abnormal traffic log auditingBlacklist log auditing Operation log auditingOther log auditing Operation log auditingNAT log auditing Mpls log auditingSecurity policy management Security zonesSecurity zone list Security zone list Adding a security zoneFields of the security zone list Return to Security zone management functionsSecurity zone configuration item Time rangesImporting security zones from a device Time range listTime range list Adding a time rangeFields of the time range list Return to Time range management functionsServices Predefined servicesFields of the predefined service list User-defined services Return to Service management functionsType a name for the user-defined service Service groups Service group management Fields of the service group listAdd a service group Service group configuration items IP addresses Host addressesFields of the host address list Add a host address Host address configuration items Address ranges Address range management Fields of the address range listAddress range configuration items Subnet addressesAdd an subnet address Subnet address configuration items IP address groups Add an IP address group IP address group configuration items Interzone rules Interzone rule listInterzone rule query options Interzone rule listAdding an interzone rule Fields of the interzone rule listFiled Description Return to Interzone rule management functionsAdd an interzone rule Interzone rule configuration items Add source IP addresses for the interzone rule Interzone policies Interzone policy listInterzone policy list Adding an interzone policyAdding an interzone policy Rule managementFields of the interzone policy list Return to Interzone policy management functionsRule management Fields of the policy’s rule list Sorting interzone rules Move rulesInterzone policy applications Interzone policy application listInterzone policy application query options Fields of the interzone policy application listApplying interzone policies Applied rules listReturn to Interzone policy application management functions Zone and destination zone pair is numbered Firewall device management Managing firewall devicesFirewall management functions Firewall device listFirewall device list Adding firewall devicesQuery options on the firewall device management Fields of the firewall device listManaging the device configuration database Viewing device statisticsConfiguration segment list Fields of the configuration segments listAdding a configuration segment Return to Configuration segment management functionsImporting configuration segments from device Configuration segment configuration itemsDeploying a configuration segment Configure deployment task attributes Deployment task list Deployment task listFields of the deployment task list Comprehensive analysis Online usersComprehensive analysis SSL VPN log auditing Online users trends Daily user statisticsUser Count field shows the count of login times on that day Daily user statisticsUser access records auditing SSL VPN log auditingResource access auditing Authentication failure auditingAuthentication failure auditing Configuration procedure Network requirementsAdding devices to the firewall manager Add a device to the firewall management component Configuration procedures Configuring the firewall deviceConfiguring the Firewall Manager Configure Snmp on the FW deviceEnter the following commands in the CLI Enable logging and send logs to Firewall Manager Add the FW device to the Firewall ManagerConfigure a log host Configuring intrusion detection UserlogScanning detection Blacklist Urpf check Verification Firewall logs and Firewall Manager analysisDisplaying log report on the firewall webpage Intrusion Policy Log User log Recent list Inter-zone access logs Blacklist logs Operation Logs Subscription service Contacting HPRelated information DocumentsCommand conventions SymbolsConventions GUI conventionsNetwork topology icons Port numbering in examplesIndex Time ranges,58User access records auditing,96 Viewing device statistics,85
Related manuals
Manual 60 pages 30 Kb Manual 3 pages 40.21 Kb

Firewall specifications

HP Firewall, often positioned as a key component in enterprise network security, is designed to protect sensitive data and maintain secure communications across various environments. The primary role of a firewall is to monitor incoming and outgoing network traffic and make decisions based on a set of security rules. HP Firewalls utilize a combination of hardware and software to create a robust security framework that helps organizations manage their network perimeter effectively.

One of the main features of HP Firewall is its advanced security protocols that provide deep packet inspection. This technology scrutinizes packet contents beyond the header information, analyzing data flows for signs of malicious activity. By employing Stateful Inspection, HP Firewalls maintain a state table that logs active connections, allowing the firewall to evaluate packets in the context of established sessions. This helps optimize resource usage while delivering high-performance security.

Another characteristic of HP Firewall is its integration with HP's broader security ecosystem. By working seamlessly with other HP security products, such as HP Secure Access and HP Advanced Malware Protection, organizations can deploy a multi-layered security strategy. This integration enables centralized management, streamlining security policies and improving response times against threats.

HP Firewalls also feature next-generation capabilities. This includes intrusion prevention systems (IPS) that actively monitor network traffic for suspected threats and automatically take action to block potential breaches. Additionally, these firewalls come with application awareness features, allowing organizations to enforce policies based on specific applications rather than simply based on port or protocol. This granularity enhances control over minimal use of bandwidth while simultaneously mitigating risks from unwanted applications.

Furthermore, HP Firewall models are equipped with user identity management, allowing organizations to apply security policies based on user roles and the specific needs of the business. This significantly improves the overall security posture as it adds another layer of control.

Scalability is a notable characteristic of HP Firewalls, making them suitable for both small businesses and large enterprises. Organizations can expand their security infrastructure as needed while maintaining efficiency.

In summary, HP Firewalls deliver advanced security features, scalability, and seamless integration within the HP security ecosystem. Their emphasis on deep packet inspection, real-time monitoring, and user identity management make them a powerful asset in the defense against cyber threats, ensuring that organizations can protect their critical data and maintain the integrity of their network environments.