
Manage your Firewalls

PCQ Bureau

Managing a firewall, whether software or hardware, can sometimes be a nightmare. Depending on how rules are set, access to a particular service may suddenly be enabled or disabled. Since there are many different firewalls available in the market, managing all of them from a single point is a very important requirement.


This is where FWBuilder comes in. It gets installed when you choose the Sysadmin workstation. It allows you to create, view and apply firewall policies to your selected firewall and see the effect they have, all graphically. It simplifies firewall management by applying a common set of rules that the firewalls in your network can use.

To use FWBuilder, run the application from the menu. To discover the different devices on your network, you can perform a network discovery by using the Tools | Discover Objects menu item. This examines the /etc/hosts file and the network DNS zone, and performs SNMP queries, to get the list of hosts available. You can then assign each device its type (host, firewall, etc.). The most important task of FWBuilder is to allow you to create a “Firewall Policy”. This is a set of rules that determines the flow of network traffic between your internal network and the external network. The rules are defined by the following terms.

Action

An action in a firewall can be Accept, Deny, Reject, or Account.


Direction

This refers to the source and destination of the traffic. For instance, a source of “internal” and a destination of “external” means all access initiated from your internal network to the external network. A source of “internal” and a destination of “firewall” can mean access to the firewall device itself from the internal network.

Service

This is the actual network protocol or service that you wish to apply a rule to. For instance, you might wish to allow SMTP service to your mail server and HTTP service to your Web server, but disallow all other protocols/services to both these machines. For this, you will create a rule that allows the given service from the source network (internal, Any, etc.) to the destination machine (the host).

FWBuilder lets you perform all of this graphically. You can use one of the many wizards in the application to help you with these tasks, or simply open the firewall policy window and start creating your firewall rules there. Click the apply button to save the results to your firewall.
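The Action, Direction and Service terms, and the SMTP/HTTP case described under Service, modeled as an added example (not from the original article and not FWBuilder's own code). It assumes rules are checked top-down with the first match deciding and an implicit deny at the end; the addresses and rule names are constructed, and the Account action is left out. It also shows how reordering the same rules silently disables a service.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    name: str        # hypothetical label, for reporting only
    src: object      # source network (Direction)
    dst: object      # destination network (Direction)
    service: str     # e.g. "tcp/25", or "any" (Service)
    action: str      # "Accept", "Deny" or "Reject" (Action)

def covers(a, b):
    """True when every packet matched by rule b is also matched by rule a."""
    return (b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and a.service in ("any", b.service))

def evaluate(policy, src, dst, service):
    """Assumed semantics: first matching rule decides, no match means Deny."""
    for r in policy:
        if (ip_address(src) in r.src and ip_address(dst) in r.dst
                and r.service in ("any", service)):
            return r.action, r.name
    return "Deny", "implicit default"

def shadowed(policy):
    """(dead rule, covering rule) pairs: rules an earlier rule fully covers."""
    return [(late.name, early.name)
            for i, late in enumerate(policy)
            for early in policy[:i] if covers(early, late)]

# Constructed addresses from the RFC 5737 documentation ranges.
MAIL = ip_network("192.0.2.25/32")
WEB = ip_network("192.0.2.80/32")
SERVERS = ip_network("192.0.2.0/24")

POLICY = [
    Rule("smtp-to-mail", ANY, MAIL, "tcp/25", "Accept"),
    Rule("http-to-web", ANY, WEB, "tcp/80", "Accept"),
    Rule("servers-deny-rest", ANY, SERVERS, "any", "Deny"),
]
# Same rules with the catch-all moved to the top: both Accept rules go dead.
MISORDERED = [POLICY[2], POLICY[0], POLICY[1]]

if __name__ == "__main__":
    print(evaluate(POLICY, "198.51.100.7", "192.0.2.25", "tcp/25"))
    print(evaluate(MISORDERED, "198.51.100.7", "192.0.2.25", "tcp/25"))
    print(shadowed(MISORDERED))
```

Running `shadowed()` over a policy before applying it flags rules that can never fire, which is the usual cause of a service being unexpectedly blocked or opened after a rule is moved.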
