About firewall rule host triggers

Article:HOWTO54989  |  Created: 2011-06-29  |  Updated: 2011-12-16  |  Article URL http://www.symantec.com/docs/HOWTO54989
Article Type: How To



You specify the host on both sides of the described network connection when you define host triggers.

Traditionally, the relationship between hosts is expressed by calling each host either the source or the destination of a network connection.

You can define the host relationship in either one of the following ways:

Source and destination

The source host and destination host depend on the direction of traffic. In one case the local client computer might be the source, whereas in another case the remote computer might be the source.

The source and the destination relationship is more commonly used in network-based firewalls.

Local and remote

The local host is always the local client computer, and the remote host is always a remote computer that is positioned elsewhere on the network. This expression of the host relationship is independent of the direction of traffic.

The local and the remote relationship is more commonly used in host-based firewalls, and is a simpler way to look at traffic.

You can define multiple source hosts and multiple destination hosts.

Figure: The relationship between source and destination hosts illustrates the source relationship and destination relationship with respect to the direction of traffic.

Figure: The relationship between source and destination hosts

Figure: The relationship between local and remote hosts illustrates the local host and remote host relationship with respect to the direction of traffic.

Figure: The relationship between local and remote hosts

Relationships are evaluated by the following types of statements:

The hosts that you define on either side of the connection (between the source and the destination): OR statement

Selected hosts: AND statement

For example, consider a rule that defines a single local host and multiple remote hosts. As the firewall examines the packets, the local host must match the relevant IP address. However, the opposite side of the connection can match any one of the remote hosts. For example, you can define a rule to allow HTTP communication between the local host and either Symantec.com, Yahoo.com, or Google.com. The single rule is the same as three rules.
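The OR/AND evaluation described above, modeled as an added example (not Symantec product code): hosts on one side are ORed, the two sides are ANDed, and the same host lists are checked under both the source/destination and the local/remote interpretation. The function names, the `outbound` flag, and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str        # sender address
    dst: str        # receiver address
    outbound: bool  # assumption: True when the local client computer sent it

def side_matches(addr, hosts):
    """OR statement: the address matches if it is in ANY host entry on this side."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(h) for h in hosts)

def match_source_destination(pkt, sources, destinations):
    """AND statement across both sides; the sides follow the traffic direction."""
    return side_matches(pkt.src, sources) and side_matches(pkt.dst, destinations)

def match_local_remote(pkt, local, remote):
    """AND statement across both sides; the sides ignore the traffic direction."""
    local_addr, remote_addr = (pkt.src, pkt.dst) if pkt.outbound else (pkt.dst, pkt.src)
    return side_matches(local_addr, local) and side_matches(remote_addr, remote)

# Constructed sample values (documentation address ranges), not from the article.
LOCAL = ["192.0.2.10"]
REMOTES = ["198.51.100.1", "198.51.100.2", "203.0.113.0/24"]

def one_rule(pkt):
    """A single rule: one local host, three remote host entries."""
    return match_local_remote(pkt, LOCAL, REMOTES)

def three_rules(pkt):
    """The equivalent three rules, each with one remote host entry."""
    return any(match_local_remote(pkt, LOCAL, [r]) for r in REMOTES)

if __name__ == "__main__":
    request = Packet("192.0.2.10", "203.0.113.7", outbound=True)
    reply = Packet("203.0.113.7", "192.0.2.10", outbound=False)
    stranger = Packet("192.0.2.10", "198.51.100.9", outbound=True)
    for p in (request, reply, stranger):
        # Columns: packet, one rule, three rules, source/destination reading
        print(p, one_rule(p), three_rules(p),
              match_source_destination(p, LOCAL, REMOTES))
```

The reply packet matches under local/remote but not under source/destination with the same lists, which is why a direction-dependent rule set needs a second rule (or swapped lists) to cover return traffic.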

See Adding host groups.

See Blocking traffic to or from a specific server.

See About firewall rules.


Legacy ID: v10221891_v59371754

