Planet Technology CS-500 WAN, LAN, IDP:, QoS:, NAT:, Group, Custom, Modify, Step 2:, Address, Address, Address, Address, Service, Service, Tunnel:, Action:, Step 1:, Service:

Content Security Gateway User’s Manual

Step 2: Configure the parameters.

Source Address: Select names of the WAN networks from the drop down list. The drop down list contains the names of all WAN networks defined in the WAN section of the Address menu. To create a new source address, please go to the LAN section under the Address menu.

Destination Address: Select the name of the DMZ network from the drop down list. The drop down list contains the names of the DMZ network created in the Address menu. It will also contain Mapped IP addresses from the Virtual Server menu that were created for the DMZ network. To create a new destination address, please go to the Virtual Server menu. (Please refer to the sections entitled Address and Virtual Server for details)

Service: Select a service from drop down list. The drop down list will contain services defined in the Custom or Group section under the Service menu. These are services/application that are allowed to pass from the WAN network to the DMZ network. Choose ANY for all services. To add or modify these services, please go to the Service menu. (Please refer to the section entitled Services for details)

Schedule: Select the item listed in the schedule to enable the policy to automatically execute the function in a certain time and range.

Tunnel: Select the specific VPN tunnel to enable the VPN traffic in Policy rule.

Action: Select Permit or Deny ALL from the drop down list to allow or reject the packets travelling from the specified WAN network to the DMZ network.

Traffic Log: Select Enable to enable flow monitoring.

Statistics: Select Enable to enable flow statistics.

IDP: Check to enable IDP feature.

Max. Concurrent Sessions: The maximum concurrent sessions that allows to pass through CS-500. 0 means it is unlimited.

QoS: Select the item listed in the QoS to enable the policy to automatically execute the function in a certain time and range.

NAT: Select enable to replace Internet user’s IP address with DMZ interface IP, in order to allow Internet user to access DMZ resource if the DMZ server only allows to be accessed with the same IP subnet.

Step 1: In the WAN To DMZ window, locate the name of policy desired to be modified and click its corresponding Modify option in the Configure field.

- 161 -