Protecting An Ftp Server With An Alg - D-Link NetDefend DFL-210 User Manual
Network security firewall
Hide thumbs
Also See for NetDefend DFL-210:
- User manual (495 pages) ,
- Log reference manual (476 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
6.2.3. The FTP ALG
malicious code. Suspect files can be de dropped or just logged.
This feature is common to a number of ALGs and is described fully in Section 6.4, "Anti-Virus
Scanning".
FTP ALG with ZoneDefense
Used together with the FTP ALG, ZoneDefense can be configured to protect an internal network
from virus spreading servers and hosts. This is relevant to 2 scenarios:
•
A. Infected clients that need to be blocked.
•
B. Infected servers that need to be blocked.
A. Blocking infected clients.
The administrator configures the network range to include the local hosts of the network. If a local
client tries to upload a virus infected file to an FTP server, NetDefendOS notices that the client
belongs to the local network and will therefore upload blocking instructions to the local switches.
The host will be blocked from accessing the local network and can no longer do any harm.
B. Blocking infected servers.
Depending on the company policy, an administrator might want to take an infected FTP server
off-line to prevent local hosts and servers from being infected. In this scenario, the administrator
configures the address of the server to be within the range of the network to block. When a client
downloads an infected file, the server is isolated from the network.
The steps to setting up ZoneDefense with the FTP ALG are:
•
Configure the ZoneDefense switches to be used with ZoneDefense in the ZoneDefense section
of the WebUI.
•
Set up the FTP ALG to use Anti-Virus scanning in enabled mode.
•
Choose the ZoneDefense network in the Anti-Virus configuration of the ALG that is to be
affected by ZoneDefense when a virus is detected.
For more information on this topic refer to Chapter 12, ZoneDefense.
Example 6.2. Protecting an FTP Server with an ALG
As shown, an FTP Server is connected to the D-Link Firewall on a DMZ with private IP addresses, shown below:
Note
If a client downloads an infected file from a remote FTP server on the Internet, the
server will not be blocked by ZoneDefense since it is outside of the configured network
range. The virus is, however, still blocked by the D-Link Firewall.
202
Chapter 6. Security Mechanisms
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
