Fact Sheet on the Linux Firewall Builder

A Primer on the Interface Object in Linux Firewall Builder

The Armchair Geek
Firewall Builder is a graphical firewall management and configuration tool that supports many open source firewall platforms like Cisco IOS. The Firewall Builder is used primarily on Linux operating systems. This tutorial will show you how to use the Interface objects in Firewall Builder.

Interface Objects
Interface objects are used by firewalls to host objects and cannot exist alone. The dialog for an interface object that belongs to a firewall has several parameters. Here is a list of them:

Name - The name of the interface object should match up with the name of the firewall machine it represents.

Management interface - When a firewall has many network interfaces, one of them must be allocated as the "management interface," which is used for all communication between Firewall Builder and the specific firewall.

Label - This field is usually not used, but serves the purpose of a descriptive label.

Unprotected interface - An interface to which no access lists or firewall rules should be assigned.

External Interface - Designates an interface that connects directly to the Internet.

Regular Interface - This option is used when the interface has an IP address assigned to it.

Address is assigned dynamically - Unlike the regular interface, this option is used when the interface has a dynamic address.

Bridge Port - Use this option for a port of a bridging firewall.

Unnumbered Interface - Use this option if the specific interface cannot have an IP address.

Security Level - This option is self-explanatory. The security level can be set to External, Internal, or have a numeric value between 0 and 100.

Network Zone - This option is used to set the network zone on Cisco PIX. The dropdown list shows all existing network objects. The user chooses one of these network objects to tell the compiler which network addresses can be reached.

Assigning Policy Rules Using The Interface Object
You can use the Interface Object to assign policy rules. For example, you can drag and drop or copy and paste interface objects to the policy rules column to make the firewall correspond.
You can also use the Interface Object with dynamic addresses in policy rules. When an interface has its address assigned dynamically, the address is unknown to the Firewall Builder policy compiler when the configuration script is generated. The compiler uses features of the target firewall to work around this.
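
The run-time address lookup described above, shown for an iptables target as an added example (it is not Firewall Builder's generated script and not from the original article). The function names, the interface eth0 and the sample `ip` output are assumptions constructed for illustration; the script only prints the rule and refuses to emit one when the interface has no usable address.

```shell
#!/bin/sh
# Added illustration, not Firewall Builder output. The names first_ipv4,
# emit_ssh_rule and SAMPLE_IP_OUTPUT are hypothetical.

# Constructed sample of `ip -4 -o addr show dev eth0` output.
SAMPLE_IP_OUTPUT='2: eth0    inet 203.0.113.25/24 brd 203.0.113.255 scope global dynamic eth0\       valid_lft 3021sec preferred_lft 3021sec'

# Read `ip -4 -o addr show` output on stdin and print the first IPv4
# address without its prefix length. Prints nothing if there is none.
first_ipv4() {
    awk '{ for (i = 1; i < NF; i++)
               if ($i == "inet") { split($(i+1), a, "/"); print a[1]; exit } }'
}

# Print (do not apply) an iptables rule allowing SSH to the interface's
# current address. $1 = interface name, $2 = address resolved at run time.
emit_ssh_rule() {
    iface=$1
    addr=$2
    case $addr in
        '')
            # No lease yet: never emit a rule with an empty -d, and do not
            # silently widen it to "any destination".
            echo "# $iface has no IPv4 address; rule skipped"
            return 1 ;;
        *[!0-9.]*)
            # Anything other than digits and dots is not a dotted quad.
            echo "# $iface: unexpected address format; rule skipped"
            return 1 ;;
    esac
    echo "iptables -A INPUT -i $iface -d $addr -p tcp --dport 22 -j ACCEPT"
}

# On a live system the address would come from:
#   addr=$(ip -4 -o addr show dev eth0 | first_ipv4)
addr=$(printf '%s\n' "$SAMPLE_IP_OUTPUT" | first_ipv4)
emit_ssh_rule eth0 "$addr"
```

Because the address is read when the script runs rather than when it is generated, the rule has to be re-emitted whenever the DHCP lease changes.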

Published by The Armchair Geek

We are a Mid-West PLR Firm specializing in creating powerful web content for clients in a wide array of industries. This is a sampling of some of our IT-focused articles. For more of our work, you can co...


1 Comments

  • David B. Bolick, 9/18/2010

    Linux has all the tools you need to build security at the command line level. That is one of its greatest strengths. You can use Linux commands to route and control IPs just like a router if you know how to do the configurations in the console. You can always use a hardware firewall at the entry point if you want to control access and don't have the Linux command knowledge.
