HP X Unified Security Platform 84

Chapter 4 Firewall

Table 4–1: Default Firewall Rule Configuration (Continued)

ID	Action	Source	Dest Zone	Service	Logging	State	Description
ID	Action	Zone	Dest Zone	Service	Logging	State	Description
		Zone


	Permit	this-	ANY	ANY		Enabled	This is an
		device					implicit firewall
							rule that
							cannot be
							modified or
							viewed from
							the LSM. It is
							needed for
							AutoDV, Web
							Filtering, and
							other features.
							This rule also
							allows the
							Network Tools
							to operate.

	Block	ANY	ANY	ANY		Enabled	Implicit rule
							that blocks all
							other traffic
							with a silent
							drop.

The default firewall rules configured for the this-devicezone use the LAN security zone. The management IP address of the X family device is any of the IP interface addresses. The device IP address is not generally accessible to the LAN by ping (or other services) unless a firewall rule allows such access. The device allows you to configure a firewall rule to prevent access to the management interface, even from the LAN security zone.

Note If you delete the this-devicezone, you may only be able to access the device using the command line interface (CLI) on the serial port.

For a detailed explanation of firewall rule concepts together with an example firewall implementation, see the Concepts Guide.

For additional information on managing firewall rules from the LSM, see the following topics:

•“Managing Firewall Rules” on page 68

•“Configuring Firewall Rules” on page 71

Managing Firewall Rules

The Firewall Rules page (Firewall > Firewall Rules) displays a list the firewall rules currently configured on your X family device. From this page, you can view, edit, enable, disable, and re-order firewall rules.

68 X Family LSM User’s Guide V 2.5.1