Adaptation of the firewall to the UMA
Last adaptation to the version: 3.3.5
Last updated: 01.2024
This article refers to a Resellerpreview

3.3 2.5.6



Introduction

The UMA is usually used in an internal network of an upstream firewall or a router with a firewall function. To ensure full functionality, it is necessary in some cases to release the required ports for the UMA.


Required ports

The following ports must be configured in the firewall so that the UMA can be used:

Function | Port/protocol
Updates and timestamp retrieval | 443/TCP
Time server | 123/TCP, 123/UDP
IMAP | 143/TCP, 993/TCP
POP3 | 110/TCP, 995/TCP
SMTP | 25/TCP, 465/TCP, 587/TCP
Name resolution | 53/TCP, 53/UDP

Corresponding firewall rules must be created for these ports. If a UTM is used for this, the Wiki article Configuration of the port filter describes how to do so.

Under Firewall > Packetfilter, the Add rule button adds a corresponding rule.

# | Source | Target | Service | NAT | Task | Active | Description
1 | UMA | Mailserver | imap or imap-ssl or pop3 or pop3s | | Accept | On | Rule for retrieving emails from an external mail server
2 | UMA | internal-interface | dns | | Accept | On | Rule for name resolution
3 | UMA | Mailserver | smtp | | Accept | On | Rule for sending Alerting Center messages

Timestamp

Firewall rules are also required for the timestamp signature and for time synchronization. The rules for the timestamp server and for time synchronization must use the following settings:

  • Source: the UMA used
  • Destination: for the timestamp tsa.utimaco.com, for time synchronization ntp.securepoint.de
  • Service: https
  • NAT: the external interface

Under Firewall > Network objects, click Add object to create the network object.

Caption | Value | Description
Name: | Timestamp server | The name of the network object
Type: | Hostname | Select Hostname as the type
Hostname: | tsa.utimaco.com | Enter the host name tsa.utimaco.com
Zone: | external | Select the zone in which the server is located
Groups: | | A group can be added

Under Firewall > Packetfilter, the Add rule button adds a corresponding rule.

# | Source | Target | Service | NAT | Task | Active
4 | UMA | Timestamp server | https | HN | Accept | On
5 | UMA | Time synchronization | ntp-tcp or ntp-udp | HN | Accept | On



Updateserver

A corresponding firewall rule must exist so that the UMA can download updates.
The update server responsible for this is: ext.proxy-001.spnoc.de

Under Firewall > Network objects, click Add object to create the network object.

Caption | Value | Description
Name: | Updateserver | The name of the network object
Type: | Hostname | Select Hostname as the type
Hostname: | ext.proxy-001.spnoc.de | Enter the host name ext.proxy-001.spnoc.de
Zone: | external | Select the zone in which the server is located
Groups: | | A group can be added

Under Firewall > Packetfilter, the Add rule button adds a corresponding rule.

# | Source | Target | Service | NAT | Task | Active
6 | UMA | Updateserver | https | | Accept | On
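
One way to check an existing rule set against the ports and destinations listed on this page, as an added example that is not part of the original article or of Securepoint's tooling. The rule dictionary format, the helper names and the sample rules are constructed, and destinations are assumed to be referenced by host name.

```python
# Added example: audits UMA egress rules against the ports and hosts named on this page.
# The rule dictionaries and SAMPLE_RULES are constructed; no real export format is implied.
TCP, UDP = "tcp", "udp"

# (function, pinned destination or None, permitted port/protocol pairs)
# IMAP and POP3 form one flow because rule 1 lists them as alternatives.
# A destination of None means the server is site-specific (mail server, DNS).
FLOWS = [
    ("Updates", "ext.proxy-001.spnoc.de", {(443, TCP)}),
    ("Timestamp retrieval", "tsa.utimaco.com", {(443, TCP)}),
    ("Time server", "ntp.securepoint.de", {(123, TCP), (123, UDP)}),
    ("Mail retrieval", None, {(143, TCP), (993, TCP), (110, TCP), (995, TCP)}),
    ("SMTP", None, {(25, TCP), (465, TCP), (587, TCP)}),
    ("Name resolution", None, {(53, TCP), (53, UDP)}),
]

def matches(rule, flow):
    """True if the rule's service is listed for the flow and the destination fits."""
    _, dst, services = flow
    return (rule["port"], rule["proto"]) in services and dst in (None, rule["dst"])

def audit(rules, source="UMA"):
    """Return (functions with no accept rule, ids of accept rules no flow justifies)."""
    accepts = [r for r in rules if r["src"] == source and r["action"] == "accept"]
    missing = [f[0] for f in FLOWS if not any(matches(r, f) for r in accepts)]
    excess = [r["id"] for r in accepts if not any(matches(r, f) for f in FLOWS)]
    return missing, excess

def rule(rid, dst, proto, port, action="accept", src="UMA"):
    """Build one rule record in the constructed format used by audit()."""
    return {"id": rid, "src": src, "dst": dst, "proto": proto, "port": port, "action": action}

SAMPLE_RULES = [  # constructed: two functions lack a rule, two rules are too broad
    rule(1, "Mailserver", TCP, 993),
    rule(2, "internal-interface", UDP, 53),
    rule(3, "Mailserver", TCP, 25),
    rule(4, "tsa.utimaco.com", TCP, 443),
    rule(5, "internet", TCP, 443),             # https to any host, not a named server
    rule(6, "internet", TCP, 22),              # service not in the UMA port table
    rule(7, "internet", TCP, 443, src="LAN"),  # other source, ignored by the audit
]

if __name__ == "__main__":
    missing, excess = audit(SAMPLE_RULES)
    print("no accept rule for:", missing)
    print("accept rules not justified by the port table:", excess)
```
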

Further setting options

Depending on the firewall used, further functionalities can then be set, such as checking the mails for viruses, filtering for spam or forwarding the mails to an internal mail server.
If a UTM is used, the following wiki articles describe how to configure the Mailrelay and the Mailfilter.