SunScreen 3.1 Administration Guide

Screens

The Screen object controls much of the identity of SunScreen. It contains information for your stealth, HA, cluster, and administrative rules. Upon installation, a Screen object is created, which you can edit. As with other common objects, editing a Screen object means specifying every option that you want set; any option you leave out is set to off, the default.

To Add a Screen

    To add a Screen object with a previously created certificate, using DNS and NIS for name service, passing routing information, and including a comment, type the following:


    edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin RIP
    DNS NIS COMMENT "The screen that protects the sales office"
    

To List the Screens

    Type the following to list all the Screens:


    edit> list screen
    "sphere" ADMIN_CERTIFICATE "sphere.admin" CDP RIP 
    DNS COMMENT "This is the data center screen"
    

To Add an SNMP Receiver to a Screen

    To add an SNMP receiver to the previous Screen:


    edit> add screen sphere ADMIN_CERTIFICATE sphere.admin 
    RIP DNS NIS SNMP 10.100.253.200
    

To Add Multiple SNMP Receivers to a Screen

    To add multiple SNMP receivers to the previous Screen object:


    edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin
    ROUTING DNS NIS SNMP 10.100.253.200 10.100.253.254
    

To Add a Time Status Indicator to a Screen

    To add a Time Status Indicator of 30 minutes to the previous Screen object:


    edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin 
    ROUTING DNS NIS SNMP_TIMER 30 SNMP 10.100.253.200 10.100.253.254
    

To Remove SNMP Receivers From a Screen

    To remove SNMP receivers from the Screen, do not include them in the Screen object when you set it:


    edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin RIP DNS NIS
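
Because every add screen command replaces the whole object, a re-issued command can drop alerting or logging options without any warning. The pre-change check below is an added example, not part of the original guide or of SunScreen; its keyword table covers only the options shown on this page, and the function names are hypothetical.

```python
import shlex

# Keywords that appear in this page's examples, with their argument counts.
# None means a variable-length list (SNMP receivers). Assumption: a real
# Screen object may carry options that are not shown on this page.
KEYWORDS = {"ADMIN_CERTIFICATE": 1, "COMMENT": 1, "LOGSIZE": 1,
            "SNMP_TIMER": 1, "STEALTH_NET": 2, "SNMP": None,
            "RIP": 0, "ROUTING": 0, "DNS": 0, "NIS": 0, "CDP": 0}

def parse_screen(text):
    """Parse an 'add screen' command or a 'list screen' entry."""
    tokens = shlex.split(text)  # keeps quoted names and comments whole
    while tokens and tokens[0].lower() in ("edit>", "add", "screen"):
        tokens.pop(0)
    name, tokens, options, i = tokens[0], tokens[1:], {}, 0
    while i < len(tokens):
        key = tokens[i]
        if key not in KEYWORDS:
            raise ValueError(f"unexpected token {key!r}")
        i += 1
        nargs = KEYWORDS[key]
        if nargs is None:  # consume values until the next keyword
            nargs = 0
            while i + nargs < len(tokens) and tokens[i + nargs] not in KEYWORDS:
                nargs += 1
        if i + nargs > len(tokens):
            raise ValueError(f"{key} is missing a value")
        options[key] = tuple(tokens[i:i + nargs])
        i += nargs
    return name, options

def dropped_options(current, proposed):
    """Map each option the proposed command would lose to its lost values."""
    (cur_name, cur), (new_name, new) = parse_screen(current), parse_screen(proposed)
    if cur_name != new_name:
        raise ValueError("the two inputs describe different Screen objects")
    return {key: tuple(a for a in args if a not in new.get(key, ()))
            for key, args in cur.items()
            if key not in new or set(args) - set(new[key])}

# Both strings are taken from the examples on this page.
CURRENT = '"sphere" ADMIN_CERTIFICATE "sphere.admin" CDP RIP DNS COMMENT "This is the data center screen"'
PROPOSED = "edit> add screen sphere ADMIN_CERTIFICATE sphere.admin RIP DNS NIS SNMP 10.100.253.200"

if __name__ == "__main__":
    for key, lost in dropped_options(CURRENT, PROPOSED).items():
        print(key, "dropped:", " ".join(lost) or "(flag)")
```

Run against the page's own sphere examples, the check reports that adding the SNMP receiver as written also turns off CDP and discards the comment.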
    

To Set Logsize on a Screen

The Screen object allows you to set the maximum size of your log file. The value is in Mb, where 200 is 200 Mb.

    At the command line prompt, type:


    edit> add screen sphere ADMIN_CERTIFICATE sphere.admin 
    CDP RIP DNS SNMP 10.100.253.200 LOGSIZE 200
    

To Set a Screen to Stealth Mode

    Type the following:


    edit> add screen vorticity ADMIN_CERTIFICATE vorticity.admin 
    RIP STEALTH_NET 10.100.253.0 255.255.255.0 
    COMMENT "The screen in Stealth Mode"