Inhaltszusammenfassung zur Seite Nr. 1
Content Security Gateway User’s Manual
Content Security Gateway
CS-500
User’s Manual
Inhaltszusammenfassung zur Seite Nr. 2
Content Security Gateway User’s Manual Copyright Copyright (C) 2005 PLANET Technology Corp. All rights reserved. The products and programs described in this User’s Manual are licensed products of PLANET Technology, This User’s Manual contains proprietary information protected by copyright, and this User’s Manual and all accompanying hardware, software, and documentation are copyrighted. No part of this User’s Manual may be copied, photocopied, reproduced, translated, or reduced to any el
Inhaltszusammenfassung zur Seite Nr. 3
Content Security Gateway User’s Manual Table of Contents CHAPTER 1: INTRODUCTION ........................................................................................................................ 1 1.1 FEATURES ........................................................................................................................................................... 1 1.2 PACKAGE CONTENTS...................................................................................................
Inhaltszusammenfassung zur Seite Nr. 4
Content Security Gateway User’s Manual 4.3 POLICY OBJECT ................................................................................................................................................ 43 4.3.1 Address...................................................................................................................................................43 4.3.1.1 LAN......................................................................................................................
Inhaltszusammenfassung zur Seite Nr. 5
Content Security Gateway User’s Manual 4.4.4 DMZ To WAN & DMZ To LAN............................................................................................................162 4.5 MAIL SECURITY............................................................................................................................................... 166 4.5.1 Configure.........................................................................................................................................
Inhaltszusammenfassung zur Seite Nr. 6
Content Security Gateway User’s Manual Chapter 1: Introduction The innovation of the Internet has created a tremendous worldwide venue for e-business and information sharing, but it also creates network security problems, so the security request will be the primary concerned for the enterprise. Planet’s Content Security Gateway CS-500, a special designed of security gateway for small business, adopts Heuristics Analysis to filter spam and virus mail, auto-training system can raise identify
Inhaltszusammenfassung zur Seite Nr. 7
Content Security Gateway User’s Manual 1.2 Package Contents The following items should be included: CS-500 Content Security Gateway User’s Manual CD-ROM This Quick Installation Guide Power Adapter If any of the contents are missing or damaged, please contact your dealer or distributor immediately. 1.3 Content Security Gateway Front View CS-500 Front Panel LED Description PWR Power is supplied to this device. STATUS Blinks to indicate this devise is being turned on and boo
Inhaltszusammenfassung zur Seite Nr. 8
Content Security Gateway User’s Manual settings. WAN Connect to your xDSL/Cable modem or other Internet connection devices LAN Connect to your local PC, switch or other local network device DMZ Connect to your server or other network device 1.5 Specification Product Content Security Gateway Model CS-500 Hardware Ethernet LAN 1 x 10/100Mbps RJ-45 WAN 1 x 10/100Mbps RJ-45 DMZ 1 x 10/100Mbps RJ-45 LED POWER, STATUS, 10/100 and LNK/ACT for each LAN and WAN port Power 5VDC, 2.4A
Inhaltszusammenfassung zur Seite Nr. 9
Content Security Gateway User’s Manual IDP Anomaly: Syn Flood, UDP Flood, ICMP Flood and more. Pre-defined : Backdoor, DDoS, DoS, Exploit, NetBIOS and Spyware. Custom: User defined based on TCP, UDP, ICMP or IP protocol. QoS Policy rules with Inbound/Outbound traffic management Guaranteed and maximum bandwidth Scheduled in unit of 30 minutes 3 Priorities User Authentication Built-in user database with up to 500 entries Support local database, RADIUS and POP3 authentication Logs Log and
Inhaltszusammenfassung zur Seite Nr. 10
Content Security Gateway User’s Manual Chapter 2: Hardware Installation 2.1 Installation Requirements Before installing the Content Security Gateway, make sure your network meets the following requirements. - Mechanical Requirements The Content Security Gateway is to be installed between your Internet connection and local area network. The Content Security Gateway can be placed on the table or rack. Locate the unit near the power outlet. - Electrical Requirements The Content Security
Inhaltszusammenfassung zur Seite Nr. 11
Content Security Gateway User’s Manual The WAN and DMZ side IP addresses are on the same subnet. This application is suitable if you have a subnet of IP addresses and you do not want to change any IP configuration on the subnet. 2.2.2 NAT Mode Connecting Example Internet ISP ADSL Modem CS-500 WAN: 61.11.11.11 LAN: DMZ: NAT 192.168.1.1 192.168.2.1 DMZ PC 3: DMZ PC 2: LAN PC 1: LAN PC 2: 192.168.2.2 192.168.2.3 192.168.1.2 192.168.1.3 DMZ and WAN IP addresses are on the different subnet
Inhaltszusammenfassung zur Seite Nr. 12
Content Security Gateway User’s Manual Chapter 3: Getting Started 3.1 Web Configuration STEP 1: Connect both the Administrator’s PC and the LAN port of the Content Security Gateway to a hub or switch. Make sure there is a link light on the hub/switch for both connections. The Content Security Gateway has an embedded web server used for management and configuration. Use a web browser to display the configurations of the Content Security Gateway (such as Internet Explorer 4(or above) or Net
Inhaltszusammenfassung zur Seite Nr. 13
Content Security Gateway User’s Manual 3.2 Configure WAN interface After entering the username and password, the Content Security Gateway WEB UI screen will display. Select the Interface tab on the left menu then click on WAN below it. Click on Modify button of WAN, the following page is shown. PPPoE (ADSL User): This option is for PPPoE users who are required to enter a username and password in order to connect. Username: Enter the PPPoE username provided by the ISP. Password:
Inhaltszusammenfassung zur Seite Nr. 14
Content Security Gateway User’s Manual Default Gateway: This will be the Gateway IP address. Domain Name Server (DNS): This is the IP Address of the DNS server. For PPTP (European User Only): This is mainly used in Europe. You need to know the PPTP Server address as well as your name and password. User Name: The user name is provided by ISP. Password: The password is provided by ISP. IP Address: Enter the static IP address assigned to you by your ISP, or obtain an IP addr
Inhaltszusammenfassung zur Seite Nr. 15
Content Security Gateway User’s Manual Destination Address – select “Outside_Any” Service - select “ANY” Action - select “Permit” Click on OK to apply the changes. STEP 4: The configuration is successful when the screen below is displayed. Please make sure that all the computers that are connected to the LAN port have their Default Gateway IP Address set to the Content Security Gateway’s LAN IP Address (i.e. 192.168.1.1). At this point, all the computers on the LAN network sh
Inhaltszusammenfassung zur Seite Nr. 16
Content Security Gateway User’s Manual Chapter 4: Web Configuration 4.1 System The Content Security Gateway Administration and monitoring configuration is set by the System Administrator. The System Administrator can add or modify System settings and monitoring mode. The sub Administrators can only read System settings but not modify them. In System, the System Administrator can: 1. Add and change the sub Administrator’s names and passwords; 2. Back up all Content Security Gateway setti
Inhaltszusammenfassung zur Seite Nr. 17
Content Security Gateway User’s Manual DHCP: Administrator can configure DHCP (Dynamic Host Configuration Protocol) settings for the LAN (LAN) network. Dynamic DNS: The Dynamic DNS (require Dynamic DNS Service) allows you to alias a dynamic IP address to a static hostname, allowing your device to be more easily accessed by specific name. When this function is enabled, the IP address in Dynamic DNS Server will be automatically updated with the new IP address provided by ISP. Host Table: Th
Inhaltszusammenfassung zur Seite Nr. 18
Content Security Gateway User’s Manual Settings of the Administration table Admin Name: The username of Administrators for the Content Security Gateway. The user admin cannot be removed. Privilege: The privileges of Administrators (Admin or Sub Admin) The username of the main Administrator is Admin with read / write privilege. Sub Admin may be created by clicking . Sub Admin have read only privilege. New Sub Admin Configure: Click Modify to change the “Sub Admin” password and click Re
Inhaltszusammenfassung zur Seite Nr. 19
Content Security Gateway User’s Manual Removing a Sub Admin Step 1. In the Administration table, locate the Admin name you want to edit, and click on the Remove option in the Configure field. Step 2. The Remove confirmation pop-up box will appear. Click OK to remove that Sub Admin or click Cancel to cancel. 4.1.2 Permitted IPs Only the authorized IP address is permitted to manage the Content Security Gateway. - 14 -
Inhaltszusammenfassung zur Seite Nr. 20
Content Security Gateway User’s Manual Add Permitted IPs Address Step 1. Click New Entry button. Step 2. In IP Address field, enter the LAN IP address or WAN IP address. Name: Enter the host name for the authorized IP address. IP Address: Enter the LAN IP address or WAN IP address. Netmask: Enter the netmask of LAN/WAN. Ping: Select this to allow the external network to ping the IP Address of the Firewall. HTTP: Check this item, Web User can use HTTP to connect to the Setting window