Question
You are tasked with implementing a rule set for a firewall. Internal computers are running Windows operating systems.(3) In the following table create a rule set to implement the following requirements.
• Internal users are allowed to access web servers on the Internet (both HTTP and HTTPS) but do so via a proxy server that has an IP address of 192.168.20.5.
• Access to the following servers is not allowed:
a. www.riaa.com
b. www.mpaa.org
• Users are allowed to directly access an SSH server running at andromeda.cs.odu.edu
• Computers on the Internet should be allowed to connect to your email server (SMTP only) in order for your company to receive emails from other organizations. The IP address of the email server is 192.168.20.10.
• Your email server must be able to connect to other email servers on the Internet to forward outgoing email (SMTP only).
• All other traffic is not allowed
Rule Number | Protocol | Source Address | Source Port | Destination Address | Destination Port | Direction | Action
Explanation / Answer
The exact syntax of these rules will vary by the firewall. Some firewalls can't recognize protocols and need to have the port numbers specified, in which case:
• HTTP: 80
• HTTPS: 443
• SSH: 22
• SMTP: 25
Also, some firewalls will require that hosts be named by IP address or IP ranges (IP Address/Mask):
• www.riaa.com: 76.74.24.200
• www.mpaa.org: 69.172.201.20
Using the domain name is always a better option where possible, since many domains have webserver clusters with more than 1 IP address.
1. Allow HTTP from * Internal Clients to 192.168.20.5
2. Allow HTTPS from * Internal Clients to 192.168.20.5
3. Deny * Protocols from * to www.riaa.com
4. Deny * Protocols from * to www.mpaa.org
5. Allow HTTP from 192.168.20.5 to * External
6. Allow HTTPS from 192.168.20.5 to * External
7. Allow SSH * Internal Clients to andromeda.cs.odu.edu
8. Allow SMTP * to 192.168.20.10
9. Allow SMTP 192.168.20.10 to *
10. Deny All
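
The ten rules above as a first-match evaluator, an added example that is not part of the original answer; it also shows why the two deny rules must sit above the proxy's outbound allow rules. The internal subnet 192.168.20.0/24, the address standing in for andromeda.cs.odu.edu and the sample client and Internet addresses are assumptions, and the model covers new TCP connections only (a stateful firewall is assumed to handle return traffic).

```python
import ipaddress

# Assumptions (not from the page): internal subnet and andromeda's address.
INTERNAL = "192.168.20.0/24"
PROXY, MAIL = "192.168.20.5/32", "192.168.20.10/32"
RIAA, MPAA = "76.74.24.200/32", "69.172.201.20/32"  # addresses quoted in the answer
ANDROMEDA = "203.0.113.22/32"                       # constructed placeholder
ANY = "0.0.0.0/0"

# (rule number, action, source, destination, destination TCP port; None = any port)
RULES = [
    (1, "allow", INTERNAL, PROXY, 80),
    (2, "allow", INTERNAL, PROXY, 443),
    (3, "deny", ANY, RIAA, None),
    (4, "deny", ANY, MPAA, None),
    (5, "allow", PROXY, ANY, 80),
    (6, "allow", PROXY, ANY, 443),
    (7, "allow", INTERNAL, ANDROMEDA, 22),
    (8, "allow", ANY, MAIL, 25),
    (9, "allow", MAIL, ANY, 25),
    (10, "deny", ANY, ANY, None),
]

# Same rules with 5 and 6 moved to the top: the proxy's allow now shadows the denies.
MISORDERED = RULES[4:6] + RULES[:4] + RULES[6:]

def evaluate(src, dst, dport, rules=RULES):
    """Return (rule number, action) of the first rule matching a new TCP connection."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for num, action, rsrc, rdst, rport in rules:
        if (s in ipaddress.ip_network(rsrc) and d in ipaddress.ip_network(rdst)
                and rport in (None, dport)):
            return num, action
    return None, "deny"  # fail closed if the list has no catch-all rule

if __name__ == "__main__":
    # Constructed sample connections: (source, destination, destination port)
    samples = [
        ("192.168.20.50", "192.168.20.5", 80),   # client to proxy
        ("192.168.20.50", "198.51.100.7", 443),  # client bypassing the proxy
        ("192.168.20.5", "76.74.24.200", 80),    # proxy to a blocked site
        ("198.51.100.7", "192.168.20.10", 25),   # inbound mail
    ]
    for conn in samples:
        print(conn, "->", evaluate(*conn))
    print("misordered:", evaluate("192.168.20.5", "76.74.24.200", 80, MISORDERED))
```
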