Defining Access Control Rules:
To define access control rules, perform the following steps using SmartDashboard:
1. Define network objects for each network and host using SmartDashboard.
2. Click the Firewall tab in SmartDashboard.
3. From the SmartDashboard menu, select Rules > Add Rule and then select either Bottom, Top, Below, or Above.
4. Double-click the Name column, type a Rule Name and click OK.
5. Right-click in the Source column and select Add.
6. Select a network object and click OK.
7. Right-click in the Destination column and select Add Objects.
8. Select a network object and click OK.
9. Right-click in the VPN column and select Edit Cell.
10. Select a VPN match condition and click OK.
11. Right-click in the Service column and select Add.
12. Select a service or a service group and click OK.
13. Right-click in the Action column and select Accept, Drop, or Reject.
14. Right-click in the Track column and select Add.
15. Select one of the tracking options.
16. Right-click in the Install On column and select Add.
17. Select one of the Install on options.
18. Right-click in the Time column and select Add if you want to add a time frame to the rule.
19. Configure the Time Properties and click OK.
Defining an Access Control Policy:
The Access Control policy is required to:
- Allow internal users to access the Internet.
- Allow all users access to the servers on the DMZ network.
- Protect the network from outsiders.
The policy also requires two basic rules: a Stealth rule and a Cleanup rule.
Figure 1-3 Typical Network with Access Control Policy
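The following Python sketch is an added example, not Check Point code or part of the original guide. It models a rule base with the Source, Destination, Service, and Action columns, evaluated top-down with the first matching rule deciding, and checks the placement of the Stealth rule (drop traffic addressed to the gateway itself) and the Cleanup rule (drop everything not matched earlier). Object names, addresses, and services are constructed assumptions.

```python
import ipaddress

# Constructed network objects (assumed addresses, not from the guide).
OBJECTS = {
    "Any": "0.0.0.0/0",
    "Internal_Net": "10.1.0.0/16",
    "DMZ_Net": "192.0.2.0/24",
    "Gateway": "198.51.100.1/32",
}
NETS = {name: ipaddress.ip_network(cidr) for name, cidr in OBJECTS.items()}

# Columns: Name, Source, Destination, Service, Action. Order matters.
RULE_BASE = [
    ("Stealth", "Any", "Gateway", {"Any"}, "Drop"),
    ("DMZ servers", "Any", "DMZ_Net", {"http", "https", "smtp"}, "Accept"),
    ("Internet access", "Internal_Net", "Any", {"http", "https", "dns"}, "Accept"),
    ("Cleanup", "Any", "Any", {"Any"}, "Drop"),
]

def evaluate(rules, src, dst, service):
    """Return (rule name, action) of the first rule matching the connection."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, r_src, r_dst, services, action in rules:
        if (src_ip in NETS[r_src] and dst_ip in NETS[r_dst]
                and ("Any" in services or service in services)):
            return name, action
    return None, "Drop"  # assumed default when no rule matches

def lint(rules):
    """Flag ordering mistakes around the Stealth and Cleanup rules."""
    findings = []
    last = rules[-1]
    if not (last[1] == last[2] == "Any" and "Any" in last[3] and last[4] == "Drop"):
        findings.append("last rule is not an Any/Any/Any Drop cleanup rule")
    gw = NETS["Gateway"]
    for name, _, r_dst, _, action in rules:
        if r_dst == "Gateway" and action == "Drop":
            break  # stealth rule reached before any exposing Accept
        if action == "Accept" and gw.subnet_of(NETS[r_dst]):
            findings.append(f"'{name}' accepts traffic to the gateway before a stealth rule")
    return findings

if __name__ == "__main__":
    print(evaluate(RULE_BASE, "10.1.5.20", "203.0.113.9", "https"))
    print(evaluate(RULE_BASE, "203.0.113.9", "10.1.5.20", "ssh"))
    print(lint(RULE_BASE))
```

Moving the Stealth rule below "Internet access" makes lint() report that rule, because an internal host's HTTPS connection to the gateway address would then match the Accept first.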