Security inspection

Global configuration for each profile

Default configuration

Configuration for incoming traffic

Define the profile to apply for incoming traffic on the network via the Stormshield Network Firewall.

Incoming traffic represents the traffic from an unprotected interface (such as the internet) to a protected interface (your local/internal network).

Configuration for outgoing traffic

Define the profile to apply for outgoing traffic on the network via the Stormshield Network Firewall.

Outgoing traffic represents the traffic from a protected interface to an unprotected interface (such as the internet).

New alarms

Apply the default model to new alarms

This option is related to the Application protection\Alarms module. When it is enabled, new alarms will be updated automatically and will be issued with the Stormshield Network signature.

The three options that follow will be grayed out if you have chosen an automatic configuration. If you wish to apply them yourself, unselect the option and define the parameters in the fields that follow.

Action

When an alarm is raised, the packet that set off the alarm will be subject to the action configured. You can choose to Pass or Block new alarms.

You will notice the status you have applied to the Application protection\Alarms module. New alarms can be found in the column “New”.

Level

Three alarm levels are available: "Ignore", "Minor" and "Major".

Packet capture

By selecting this option, the packet that set off the alarm will be captured.

Advanced properties

Apply translation operations (NAT) before IPSec VPN

This option means that the IP addresses will be modified before the encryption performed by the IPSec VPN.

Treat IPSec interfaces as internal interfaces

If this option is selected, IPSec interfaces will become internal - and therefore protected - interfaces.

All networks that are able to go through IPSec tunnels must therefore be legitimized and static routes allowing them to be contacted must be declared. Otherwise, the firewall will reject the IPSec traffic.

IMPORTANT

When this checkbox is selected, the option will apply to all IPSec tunnels defined on the firewall.
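A pre-change check for the static-route requirement above, as an added example (not Stormshield code or tooling). It assumes you have listed the remote networks of your IPSec tunnels and the declared static routes yourself; every name and address below is constructed.

```python
import ipaddress

# Constructed sample data (not exported from a real firewall).
TUNNELS = [
    ("branch-paris", "10.20.0.0/16"),
    ("branch-lyon", "10.30.4.0/24"),
    ("partner-dmz", "192.168.50.0/24"),
    ("lab-v6", "2001:db8:50::/48"),
]
STATIC_ROUTES = [
    "10.20.0.0/17", "10.20.128.0/17",  # together cover 10.20.0.0/16
    "10.30.0.0/16",
    "192.168.50.0/25",                 # covers only half of partner-dmz
]


def _collapse(cidrs):
    """Parse CIDRs and merge adjacent/overlapping routes, per IP version."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    merged = []
    for version in (4, 6):
        merged.extend(
            ipaddress.collapse_addresses(n for n in nets if n.version == version)
        )
    return merged


def uncovered_tunnel_networks(tunnels, static_routes):
    """Return (name, cidr) for tunnel networks not fully covered by a route."""
    routes = _collapse(static_routes)
    missing = []
    for name, cidr in tunnels:
        net = ipaddress.ip_network(cidr, strict=True)
        # subnet_of() raises on mixed IP versions, so compare versions first.
        if not any(r.version == net.version and net.subnet_of(r) for r in routes):
            missing.append((name, cidr))
    return missing


if __name__ == "__main__":
    for name, cidr in uncovered_tunnel_networks(TUNNELS, STATIC_ROUTES):
        print(f"no static route fully covers {cidr} (tunnel {name})")
```

Because the option applies to all IPSec tunnels defined on the firewall, the input list should contain every tunnel, not only the one being added.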

Configuring profiles

This screen consists of 2 sections:

  • A zone for editing various possible profile configurations
  • A zone for associating protocol profiles

Select the application profile associated with the protocol from the drop-down list by clicking on the arrow to the right of the field.

To return to the previous menu, click on “Go to global configuration”.