Summary

Content Security provides additional control over what can be accessed through your firewalls. The HTTP, FTP, SMTP, and TCP Security Servers provide the means to filter content in FireWall-1. Resources are what tell the Security Servers how to filter content.

CVP, a feature present in all of the Security Servers, provides a mechanism for third-party products to scan content for viruses and Trojan horses. UFP, present only in the HTTP Security Server, provides a way for third-party applications to filter users'attempts to access various Web sites.

Frequently Asked Questions

Chapter 1. Introduction to Firewalls

Chapter 2. Planning Your FireWall-1 Installation

Chapter 3. Installing FireWall-1

Chapter 4. Building Your Rulebase

Chapter 5. Logging and Alerting

Chapter 6. Common Issues

Chapter 7. Remote Management

Chapter 8. User Authentication

Chapter 9. Content Security

The Security Servers

The HTTP Security Server

The FTP Security Server

The SMTP Security Server

The TCP Security Server

General Questions about the Security Servers

Debugging the Security Servers

Sample Configurations

Chapter 10. Network Address Translation

Chapter 11. Site-to-Site VPN

Chapter 12. SecuRemote and SecureClient

Chapter 13. High Availability

Chapter 14. INSPECT

Appendix A. Securing Your Bastion Host

Appendix B. Sample Acceptable Usage Policy

Appendix C. 'firewall-1.conf' File for Use with OpenLDAP v1

Appendix D. 'firewall-1.schema' File for Use with OpenLDAP v2

Appendix E. Performance Tuning

Appendix F. Sample 'defaultfilter.pf' File

Appendix G. Other Resources

Appendix H. Further Reading