Security |
On the tab, you can configure restrictions for network addresses from which Agents, network installers and other (“neighboring”) Dr.Web Servers will be able to access the Server. To manage Server audit log, use the following flags: • allows to log operations of administrator with Dr.Web Security Control Center and writing the log into the DB. • allows to log Dr.Web Server internal operations and writing the log into the DB. • allows to log operations via XML API.
The tab contains additional tabs on which you can set the restrictions for the correspondent types of connections: •—the list of limitations on IP addresses from which Dr.Web Agents can connect to this Server. •—the list of limitations on IP addresses from which Dr.Web Agents installers can connect to this Server. •—the list of limitations on IP addresses from which neighbor Dr.Web Servers can connect to this Server. •—the list of limitations on IP addresses from which broadcast queries can be received by the Server Detection Service. To set access restrictions (separately for Agents, Installations, Neighbor Servers or Discovery service) 1.Set the flag to specify lists of allowed or denied addresses. If the flag is cleared, all connections are allowed. 2.To allow the access from a specific TCP address, include it into the or list. 3.To deny specific TCP address, include it into the or list. 4.The addresses not included into any of the lists are allowed or denied depending on whether the flag is set. If the flag is set, the list has a higher priority than the list. Addresses not included in any of the lists or included into both of them are denied. Allowed only addresses that are included in the list and not included in the list. To edit the address list 1.Specify network address in the corresponding field in the following format: <IP address>/[<network prefix>]. 2.To add a new field, click the button in the corresponding section. 3.To delete a field, click next to the deleting address. 4.Click to apply settings.
Examples of prefix usage: 1.Prefix 24 stands for a network with a network mask: 255.255.255.0 Containing 254 addresses. Host addresses look like: 195.136.12.* 2.Prefix 8 stands for a network with a network mask: 255.0.0.0 Containing up to 16387064 addresses (256*256*256). Host addresses look like: 125.*.*.* |