Eicon Networks S92 Uživatelský manuál Strana 104

  • Stažení
  • Přidat do mých příruček
  • Tisk
  • Strana
    / 209
  • Tabulka s obsahem
  • KNIHY
  • Hodnocené. / 5. Na základě hodnocení zákazníků
Zobrazit stránku 103
YuChakTinMichael‘sGIACGCFWProjectAssignment
Page 104
n DISALLOWAny<IN&OUT,Any >Any
Anotherinterfacewhichrequiresfilterstobesetupistheinterfaceattachedto
RAS_Net,whichis192.168.22.1:
n RAS_Net(192.168.22.0)< IN&OUT,Any >Internal_Servers(192.168.18.0)
n RAS_Net(192.168.22.0) < IN&OUT,HTTP,HTTPSandDNSQuery >
Public_Services(192.168.8.0)
n DISALLOWAny<IN&OUT,Any >Any
Dependingontheneedsoftheusers,additionaltrafficmaybeallowed.Refertothe
ProductsPreparation”sectionforafulllistofprotocolscommonlyusedina
Windowsbasednetwork.
Itisalwaysagoodpracticetoexplicitlyadda“dropeverything”ruleasthelast
rule.Thisensuresthatallillegitimaterequestsarelogged.
BasicTesting: 
n Fromaninternalclient,accessasharethatbelongstothefileserverinside
Internal_Servers.Theattemptshouldsucceed.
n Fromaninternalclient,accessthedatabaseapplicationserverinside
Critical_Resourcesviatelnet.Theattemptshouldfail.
n Fromaninvalidinternalclient,accesstheintranetserverinsideInternal_Servers
viaHTTP.Theattemptshouldfail.
n Inspectthelogfile.
FurthertestingshouldbeperformedattheAuditstage.
Zobrazit stránku 103
1 2 ... 99 100 101 102 103 104 105 106 107 108 109 ... 208 209

Komentáře k této Příručce

Žádné komentáře