SunScreen 3.1 Administration Guide

Terms Used in This Book

To manage the SunScreen firewall effectively, you need to know what certain terms mean. A few of the basic terms are defined below. Other terms will be defined throughout the book when they are first used. All terms can be looked up in the Glossary in the back of this manual, just before the index.

A Screen is the system running the firewall software. An Admin Station is a system used to configure and administer the Screen. An Admin Station can be attached locally to the Screen or it can exist at a remote location on your network or across the Internet.

Common Objects are the smallest unit that you define on a Screen. Common Objects include items like the addresses of networks and individual hosts, different services (network protocols), and the usernames of people authorized to administer the Screen.

Policy Rules are the individual rules that make up a Policy (see following explanation). Policy Rules describe the relationships between the Common Objects (for example, hosts that can communicate with each other). There are four types of policy rules:

The collection of all these relationships comprise the Security Policy.

A Policy is a named set of policy rules. When you installed the SunScreen, it created an initial policy for you, based on the information you gave it. The name of this policy is Initial. The default policy rules after a new installation are basically that everything is "open". In other words, there is no packet filtering or any other type of firewall activity going on.