Filter
Top Products
Chapter 52 System
ISG50 User’s Guide
678
52.7 WWW Overview
The following figure shows secure and insecure management of the ISG50 coming in from the WAN.
HTTPS and SSH access are secure. HTTP and Telnet access are not secure.
•See Section 6.8.1 on page 104 for related information on these screens.
Note: To allow the ISG50 to be accessed from a specified computer using a service, make
sure you do not have a service control rule or to-ISG50 firewall rule to block that
traffic.
•See To-Device Rules on page 354 for more on To-ISG50 firewall rules.
•See Section 7.8 on page 123 for an example of configuring service control to block administrator
HTTPS access from all zones except the LAN.
To stop a service from accessing the ISG50, clear Enable in the corresponding service screen.
52.7.1 Service Access Limitations
A service cannot be used to access the ISG50 when:
1 You have disabled that service in the corresponding screen.
2 The allowed IP address (address object) in the Service Control table does not match the client IP
address (the ISG50 disallows the session).
3 The IP address (address object) in the Service Control table is not in the allowed zone or the
action is set to Deny.
4 There is a firewall rule that blocks it.
52.7.2 System Timeout
There is a lease timeout for administrators. The ISG50 automatically logs you out if the
management session remains idle for longer than this timeout period. The management session
does not time out when a statistics screen is polling.
Zone Select ALL to allow or prevent DNS queries through any zones.
Select a predefined zone on which a DNS query to the ISG50 is allowed or denied.
Action Select Accept to have the ISG50 allow the DNS queries from the specified
computer.
Select Deny to have the ISG50 reject the DNS queries from the specified
computer.
OK Click OK to save your customized settings and exit this screen.
Cancel Click Cancel to exit this screen without saving
Table 273 Configuration > System > DNS > Service Control Rule Add (continued)
LABEL DESCRIPTION