Rule Based Access Control
The InJoy Firewall™ includes a powerful high-performance rule system that allows administrators to filter traffic in a number of ways.
 |
To manage policy rules, the Firewall GUI features an easy-to-use, yet powerful
editor — called the Rule Workshop.
|
Rule Lists
Firewall Access Control Lists (ACLs) make a powerful tool
for the firewall administrator to control in a practical way how
the firewall treats any IP traffic. The InJoy Firewall™ supports
six groups of rules - evaluated in the following order:
- Whitelist rules
Packets matching Allow rules on this list are unconditionally passed through to your Firewall PC, while packets matching NAT rules are passed on to NAT processing for further inspection. Whitelisted traffic bypass all other rule lists. - Blacklist rules
Packets matching rules on this list are unconditionally rejected. - Observation List rules
Rules on this list are created automatically by the InJoy Firewall™ System rules, in order to keep track of suspicious behavior. - User rules
On this rule list, the network administrator defines the granular access that makes up the organization-specific security policy. - Traffic Shaping rules
Rules on this list are used to prioritize traffic and impose bandwidth constraints. - InJoy Firewall™ System rules
These rules are shipped with the InJoy Firewall™ and serve as the foundation for the security levels.
Real-time Rule Monitoring
A special firewall monitor called Firewall Access Rules displays the list of rules that are active for the currently running Firewall Server.
Rules from every rule list appear in the Access Rules monitor, including system rules, blacklist rules, and so forth. The icon to the left indicates the type of rule. For each rule in the monitor, you will see a name, a description, and the number of packets that have matched the rule.
The Firewall Access Rules monitor also shows the dynamically created rules, enhancing your understanding of the firewall engine activity.
