Symantec SGS 360 (10224331) Firewall

Getting started guide Symantec™ Gateway Security 300 Series

This guide briefly describes the tasks and information you need to configure, operate, and maintain your secuirty gateway and provides references to where you can find more information.

The Internet account or accounts that you set up using either the Setup Wizard or the SGMI can be shared by all computers that you connect through the LAN ports, or that use the security gateway as a wireless access point.

This guide includes the following topics:

See Chapter 3, “Running the Setup Wizard” in the Symantec Gateway Security 300 Series Installation Guide for information on the Setup Wizard.

■

Set up an Internet account that all your users can share. Set up multiple Internet connections for continuous access.

■

Control traffic to and from your protected network.

■

Secure your network. Grant network access to your remote users.

■

Prevent and handle attacks. Keep hackers out.

■

Enforce virus protection on your network.

■

Control access to what users on your network can view.

■

Automatically update your security gateway.

■

Maintain your security gateway.

Symantec Gateway Security 300 Series security gateways provides additional ports for backup WAN connection and software that automatically senses failures and transfers WAN data through the backup connection. Model 320 has a serial port to which an external dial-up modem can be attached. Models 360 and 360R have a second full-speed WAN port, in addition to the serial port, to ensure continuous access. See Chapter 3, “Configuring a connection to the outside network” in the Symantec Gateway Security 300 Series Administrator’s Guide for information on connecting your security gateway to the Internet.

Set up an Internet account that all your users can share. Set up multiple Internet connections for continuous access.

Control traffic to and from your protected network.

The first time you access the security gateway, the Setup Wizard guides you through configuring Internet connectivity for the security gateway. Using the Security Gateway Management Interface (SGMI), you can configure a second Internet connection as a backup.

Symantec Gateway Security 300 Series protects enterprise assets and business transactions with one of the most secure, high-performance solutions for ensuring safe connections with the Internet and between networks. The firewall component delivers security and speed, providing strong and transparent firewall 1

Symantec Gateway Security 300 Series supports three types of VPN tunnels: Gateway-to-Gateway, Client-toGateway, and wireless LAN (WLAN) Client-to-Gateway tunnels.

protection against unwanted intrusion without slowing the flow of approved traffic on enterprise networks. Using rules-based software, the security gateway lets you define the type of traffic that can enter or leave your network. ■

Additive license/media kit options for Symantec Gateway Security 300 Series Client-to-Gateway VPN software allow concurrent client-to-gateway VPN tunnels on all models. Licenses are available in 5 and 10 concurrent session increments.

Inbound rules control the type of traffic flowing into application servers on your security gatewayprotected networks. When creating inbound rules, you must specify the applications server, the service, protocols, and ports that the rule allows. When an inbound rule exists, the firewall allows entry for traffic matching the rule from any external host.

Securing your network connections using VPN technology is an important step in ensuring the quality and integrity of your data. See Chapter 6, “Establishing Secure VPN Connections” in the Symantec Gateway Security 300 Series Administrator’s Guide.

Note: By default, all inbound traffic is blocked. ■

Outbound rules control the type of traffic leaving your protected network. By default, all internal computers have no restrictions on outbound access. When you define an outbound rule for a given computer group however, all other traffic is blocked unless an outbound rule is defined to allow it.

Prevent and