Greetings to the readers in the third article of the Continent Getting Started series, which tells about the UTM solution from the Security Code company. In the last article, the process of installing the security node was described and its initial configuration was made. In this article we will take a closer look at the Firewall component and create filtering and broadcasting rules.
« » : UTM . , . , , . .
« » – « ». . .
:
() 192.168.1.0/24;
192.168.10.0/24;
– 192.168.1.10
DMZ – 172.16.20.100
ip- – 10.10.1.244;
ip- – 10.10.1.245.
4 . .csv . :
: « » – .
, .
Active Directory.
AD LDAP. «» «LDAP» « LDAP ».
«» . «» AD LDAP. «» , , . . «» IP- AD . AD LDAPS.
« » «»: – « » – « LDAP». LDAP « LDAP-». AD , LDAP-. . «».
. 50 . -, , , , , .
. .
. (hotfix) ( ) . .
3000 . , WhatsApp, ; , . sales@tssolution.ru
, . . , . – – – «audio».
. , , , ( «news» ).
:
-
,
:
, .
, ICMP, HTTP(S) DMZ .
, http(s), ftp, dns, icmp .
, , , . (.. , , . , )
, RDP Telnet ,
, http(s), ftp, dns, icmp .
, .
3.9:
. (192.168.10.0/24).
4.1 Check Point R77.30 R80.20, .
NAT
:
« » — . - .
«» — (hide NAT). IP- IP-, .
«» — IP- (source NAT)
«» — IP- (destination NAT)
«» — IP- « »
3 :
– . .
– hide NAT .
– hide NAT .
, . , 5 ( ) . IP- (Admin 192.168.1.X), , .
:
5 , :
2 , :
Quality of Service (QoS). . QoS:
8 (, , , , , , , )
IP-
IP- DSCP- IP-. DSCP DiffServ. DiffServ — , , (ToS).
:
DS5-DS3 . DS2, DS1 . DSCP CS (Class Selector), AF (Assured Forwarding), EF (Expedited Forwarding).
DSCP- CS 3 , . :
, CS0 , CS7 – .
DSCP- AF . x y. X – ( 4 ), y – (3 ). AFx1 .
DSCP- EF . DSCP 46. , .
Best Effort. DSCP – 0. , .
HFSC, . . « » .
, ICMP, HTTP(S) . .
. , . .
Multi-WAN
. Multi-WAN:
;
;
.
Multi-WAN Multi-WAN.
4.1. . .
-.
P.S. , , . 4.1 dl@tssolution.ru
- , TS Solution