Documentation Home
> SunScreen 3.2 Administration Guide
SunScreen 3.2 Administration Guide
Book Information
Preface
Chapter 1 Starting the Administration GUI and Logging In
Terms Used in This Book
Administration GUI Browser Requirements
Accessing Local System Resources
Using the Administration GUI
Administration GUI Navigation Bar and Buttons
Changing the Admin User Password
Chapter 2 Working With Common Objects
Using the Policy Rules Page
Policies List Page
Policies List Panel
Types of Policies
Policies List Page Action Buttons
Using Common Objects
The Screen Field and Common Objects
Service and Service Group Objects
Address Objects
Certificate Objects
Certificate Groups
IPsec Key
Screen Objects
Screen Object Tabs
Miscellaneous Tab
SNMP Tab
Primary/Secondary Tab
Mail Proxy Tab
Adding a Screen Object
SNMP Alert Receivers
Interface Objects
Adding Jar Signatures and Jar Hashes
Proxy Users
Authentication
Time Objects
Chapter 3 Creating and Managing Rules
Packet Filtering Rules
Administrative Access Rules
Network Address Translation (NAT) Rules
NAT Mapping Overview
NAT Administration Page
Your NAT Scenario
Example: Static NAT of a Host to a Host
Example: Reverse Rule
Example: Dynamic Translation of a Range Of Addresses to One Host
Virtual Private Network (VPN) Rules
Before You Begin
Configuring a VPN
Chapter 4 Creating and Managing Policies
Working With Policies
Editing Policies
Working With Policy Locks
Activating Policies
Chapter 5 Using High Availability
Setting Up High Availability
HA Policy
Preparing to Install High Availability
Using the /etc/hosts File for Name Resolution
Defining HA
Modifying the HA Service Group
Using NAT With HA in Routing Mode
Installing High Availability
Configuring Policies for an HA Cluster
Removing HA
HA Logging
Chapter 6 Setting Up and Using Proxies
Matching Proxy Rules
Preparing to Use Proxies
Defining Proxy Data
Setting Up Proxy Users
Writing and Editing Policy Rules for Proxies
Using the FTP Proxy
Using the TELNET Proxy
Using the SMTP Proxy
Using the HTTP Proxy
Proxy Logging
Chapter 7 Configuring Centralized Management Groups
CMG Overview
CMG Requirements
CMG Configuration Tasks
Chapter 8 Adding Remote Administration Stations After Installation
Adding a Remote Administration Station
Chapter 9 Getting Status and Managing Logs
The Information Page
Status Information
Log Page
Setting a Log Viewing Filter
The Information Tab
Action Buttons
Statistics Page
Viewing Statistics
Viewing Logs
Saving and Clearing the Log
Changing the Size of the Log File
Virus Scanning
Chapter 10 Using the Command Line Interface
Command Summary
UNIX (shell) Commands
ssadm Command
Logging In to and Out of SunScreen Remotely
ssadm Subcommand Summary
ssadm configure Command
Configuration Editor Subcommands
Using the Configuration Editor
Working With Policies
Working With Services and Service Groups
Addresses, Address Ranges, and Address Groups
Working With Certificates
Using Certificate Groups
IKE Policy Rule Syntax
Working With Screen Objects
Interfaces
Overlapping Interfaces
Adding or Modifying an Authorized User
Configuration Editor authuser Subcommands
Working With Policy Rules
Modifying Access Rules for GUI Local Administration
Modifying Access Rules for Remote Administration
Network Address Translation (NAT)
Virtual Private Network (VPN)
Information, Statistics, and Logs
Setting Up High Availability (HA)
Centralized Management Groups (CMG)
Getting Support for SunScreen Products
Gathering Data From the Screen
Troubleshooting
Installing and Configuring the Netscape Browser from the Command Line
Appendix A About SunScreen Lite
Differences Between SunScreen and SunScreen Lite
Supported Features
Limitations
Appendix B Quick Start Procedures
Telnet Proxy Service Without Proxy User Authentication
Telnet Proxy Service With Proxy User Authentication
FTP Proxy Service Without Proxy User Authentication
FTP Proxy Service With Proxy User Authentication
HTTP Proxy Service
SMTP Proxy Service
Configuring RADIUS Authentication
Telnet Proxy Service With RADIUS User Authentication
FTP Proxy Service With RADIUS User Authentication
SecurID Clients Supported by SunScreen
Telnet Proxy Service With SecurID User Authentication
FTP Proxy Service With SecurID User Authentication
Glossary
Index
Numbers and Symbols
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
U
V
© 2010, Oracle Corporation and/or its affiliates