- What does Location Aware – Medium mean?
Ans: There's no specific documentation to explain this. In the security profile, there are three policies, categorized from high to low:
- Location Aware - High
- Location Aware - Medium
- Location Aware - Low
Location Aware - High has the highest severity policy:
- There's a default "Off Domain Enforcement" FW deny rule assigned in the Remote Domain context. This means that once DSA detects that the machine is remotely connected to a domain controller, it will deny all outgoing traffic. Only traffic specified in the Force Allow section, "Off Domain Exception", will be allowed.
- Interface Isolation is ON by default, so only Local Area Connection and Wireless network traffic can pass through. Other interfaces will be locked.
Location Aware - Medium has a medium severity policy:
- Since it's not as high severity as Location Aware – High, there's NO default "Off Domain Enforcement" FW deny rule.
- However, Interface Isolation is ON by default.
Location Aware - Low has the lowest severity policy:
- Since it's the lowest severity policy, there's NO default "Off Domain Enforcement" FW deny rule.
- Interface Isolation is OFF by default.
- What does Warm Transfer context/Warm Standby context mean?
Ans: It's the same as "Restricted Interface Warm Standby context" in DSM. This context is for restricted interfaces which have been locked by Interface Isolation. When an interface is locked, only traffic that matches a Force Allow FW rule assigned in the Warm Standby context (same as Restricted Interface Warm Standby context) can go through the locked interface. For more information, go to the Context section in the DS/IDF Admin Guide.
- What do these rules do concretely?
Ans: If an interface is locked by Interface Isolation, no packet of any type will be allowed in either direction (in or out). Therefore, the interface will not get DHCP/wireless connectivity. The only way to allow packets to pass through the interface is to:
- Create a "warm standby" context.
- Assign FW rules to this context and explicitly allow the desired packets.
The "Warm Standby Exceptions - xxx" FW rules in IDF are actually the same as "Restricted Interface Exceptions - xxx" in DS. As mentioned above, these rules are Force Allow FW rules which are assigned in the "Warm Standby" context in order to let specific traffic pass through the locked interface.
- Why are these rules here by default?
Ans: They are there by default because they allow the locked interface to get DHCP/wireless connectivity.
About Intrusion Defense Firewall (IDF) default rules
- Intrusion Defense Firewall 1.5
- Windows 2003 Standard
- Windows 2003 Standard 64-bit
- Windows 2008 Server R2
- Windows 2008 Standard
- Windows 2008 Standard 64-bit
- Windows 7 32-bit
- Windows 7 64-bit
- Windows Vista 32-bit
- Windows Vista 64-bit
- Windows XP Professional
- Windows XP Professional 64-bit