Planet Technology CS-500 4.4 Policy, 4.4.1 Outgoing, Step, Step, Step, Step, Custom, Policy, Policy, Address, Address, Address, Service, Outgoing, What is Policy, Virtual Server

Content Security Gateway User’s Manual

4.4 Policy

This section provides the Administrator with facilities to sent control policies for packets with different source IP addresses, source ports, destination IP addresses, and destination ports. Control policies decide whether packets from different network objects, network services, and applications are able to pass through the Content Security Gateway.

What is Policy?

The device uses policies to filter packets. The policy settings are: source address, destination address, services, permission, packet log, packet statistics, and flow alarm. Based on its source addresses, a packet can be categorized into:

(1)Outgoing: a client is in the LAN networks while a server is in the WAN networks.

(2)Incoming, a client is in the WAN networks, while a server is in the LAN networks.

(3)To DMZ: a client is either in the LAN networks or in the WAN networks while, server is in DMZ.

(4)From DMZ, a client is in DMZ while server is either in the LAN networks or in the WAN networks.

How do I use Policy?

The policy settings are source addresses, destination addresses, services, permission, log, statistics, and flow alarm. Among them, source addresses, destination addresses and IP mapping addresses have to be defined in the Address menu in advance. Services can be used directly in setting up policies, if they are in the Pre-defined Service menu. Custom services need to be defined in the Custom menu before they can be used in the policy settings.

If the destination address of an incoming policy is a Mapped IP address or a Virtual Server address, then the address has to be defined in the Virtual Server section instead of the Address section.

Policy Directions:

Step 1. In Address, set names and addresses of source networks and destination networks. Step 2. In Service, set services.

Step 3. In Virtual Server, set names and addresses of mapped IP or virtual server (only applied to Incoming policies).

Step 4. Set control policies in Policy.

4.4.1 Outgoing

This section describes steps to create policies for packets and services from the LAN network to the WAN network.

Entering the Outgoing window:

Click Policy on the left hand side menu bar, then click Outgoing under it. A window will appear with a table displaying currently defined Outgoing policies.

- 153 -