Tuesday, July 5, 2011

Firewall Builder 5 - Attached Networks

Firewall Builder 5 includes a new feature called Attached Network objects. These new objects are child objects of firewall interface objects. Each one acts like a group object that automatically includes all of the IP networks associated with the IP addresses assigned to the interface that the Attached Network object was created under.
Once created, the Attached Network object can be used in firewall rules just like a regular group object, and it can be created under interfaces that are configured with either static or dynamic IP addresses. This makes it easy to refer to all the networks that are directly attached to a particular firewall interface.
Let's look at a quick example. Suppose I have a firewall that includes interface eth0, which is configured with static IP addresses 192.168.2.1/24 and 10.10.10.1/24. If I want to create a rule that allows traffic from the local networks on eth0 to the firewall itself, currently I could either use two network objects in the rule's Source or create a Group object that includes these networks and use that in the rule's Source.
Now, with Attached Networks, I can simply create a new Attached Network child object under eth0 and use that in the rule's Source. This Attached Network object will include both the 192.168.2.0/24 and 10.10.10.0/24 networks, and if I add a new static IP address to eth0, the Attached Network object will automatically update to include the IP network of the new address.
You can find more information about creating and using Attached Networks in the Firewall Builder 5 Users Guide here.
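As an added illustration (not Firewall Builder code or compiler output), this Python example models the behaviour described above: it derives the attached networks from an interface's addresses, renders a hand-written iptables equivalent of the rule, and reports which networks a rule starts permitting when an address is added. The function names and the third address are assumptions made for the example.

```python
import ipaddress

def _key(net):
    # Sort by IP version first so IPv4 and IPv6 networks are never compared directly.
    return (net.version, net)

def attached_networks(addresses):
    """Networks an Attached Network object would cover for these interface
    addresses: one network per address, de-duplicated and sorted."""
    return sorted({ipaddress.ip_interface(a).network for a in addresses}, key=_key)

def input_rules(iface, addresses):
    """Hand-written iptables equivalent of a rule with Source = attached
    networks of `iface` and Destination = the firewall itself (IPv4 only)."""
    return [f"iptables -A INPUT -i {iface} -s {net} -j ACCEPT"
            for net in attached_networks(addresses) if net.version == 4]

def widened_by(before, after):
    """Networks newly covered by the rule's Source after an address change.
    Worth reviewing, because the rule itself was never edited."""
    added = set(attached_networks(after)) - set(attached_networks(before))
    return sorted(added, key=_key)

# Constructed sample: the eth0 addresses from the example in the post.
ETH0 = ["192.168.2.1/24", "10.10.10.1/24"]
# Constructed value: a hypothetical third static address added later.
ETH0_NEW = ETH0 + ["172.16.5.1/24"]

if __name__ == "__main__":
    for rule in input_rules("eth0", ETH0):
        print(rule)
    for net in widened_by(ETH0, ETH0_NEW):
        print(f"rule Source now also covers {net}")
```

Running a comparison like `widened_by` before pushing an interface change shows exactly what the existing rules will start accepting as a result.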
