Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 103)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 103

LocalInterfaceConfiguration:

AtVisNetic_1,wearetryingtoprotectthefollowingtrustedsubnets:

n Internal_Servers(192.168.18.0)

n Critical_Resources(192.168.21.0)

Thesesubnetsaretobetreatedaslocal bytherespectiveinterfacesofVisNetic_1:

n 192.168.18.0– trustedby192.168.18.1

n 192.168.21.0– trustedby192.168.21.1

Thus,interface192.168.18.1 and192.168.21.1shouldbeconfiguredtoallowall

traffic.Ontheotherhand,RAS_Net(192.168.22.0)includesdialinusers,andis

consideredasremoteanduntrusted.

ExternalInterfaceConfiguration:

Now,weneedtodeterminetheremotesubnetsthatneedtoaccessthetrustedsubnets

listedinthelastsection.OneobviousexternalinterfaceonVisNetic_1is192.168.16.6,

whichistheCore_Netconnectedtothecoreswitch.Onthisinterfacetrafficmustbe

filtered,withrulesbeingconfiguredasfollow(segmentontheleftrepresentsthelocal

side,whiletheoneontherightrepresentstheremoteside):

n Internal_Servers(192.168.18.0) < IN&OUT,MicrosoftNetworking,DNS

Query,SMTP,POP3,HTTP,FTP >Internal_Clients(192.168.17.0)

n Internal_Servers(192.168.18.0) < IN&OUT,MicrosoftNetworking,DNS

Query,SMTP,POP3,HTTP,FTP >Internal_Dev(192.168.20.0)

n Critical_Resources(192.168.21.0) < IN&OUT,HTTP andHTTPS >

Internal_Clients(192.168.17.0)

n Critical_Resources(192.168.21.0)< IN&OUT,HTTPandHTTPS >

Internal_Dev(192.168.17.0)

n Critical_Resources(192.168.21.0) < IN&OUT,HTTP andHTTPS >

Core_NetVPNClients(Addressrange:192.168.16.55to192.168.16.65)

n Any<IN&OUT,Any >Internal_Admin(192.168.19.0)

1 2 ... 98 99 100 101 102 103 104 105 106 107 108 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 103