1、VisNetic FirewallVisNetic Firewall 是一款在 Windows 底下,轻松的防护好计算机并阻绝外人对计算机系统的入侵的软件防火墙软件。VisNetic Firewall 防火墙是一个数据包筛选软件防火墙内置到保护基于 Windows 的服务器,远程 / 移动用户和 LAN 工作站当前不受防火墙。 VisNetic 防火墙是更安全比基于应用程序的个人防火墙,是一个性价比非常高的软件防火墙。 企业在使用软件或硬件实现 Internet 共享的解决方案时,都会担心内部网络受到威胁。VisNetic 防火墙是中小企业在没有硬件防火墙保护下最廉价、最有效的软件防火墙保护方
2、案。VisNetic Firewall 常用于商业工作站、企业服务器、局域网工作站,具有超越个人防火墙的安全性以及更专业的网络设置,几乎能控制你所有的上网联系。VisNetic Firewall 可以自动锁定那些对服务器端口恶意扫描的行为,锁定 Syn Flood 攻击 IP,过滤任意自己定义的文件扩展名,以及强大的 TCP,UDP, ICMP 通讯协议的自定义。VisNetic Firewall Installation GuidePreparing for InstallationTo ensure a smooth and trouble-free installation of the
3、 VisNetic Firewall, there aresome steps that you must take before running the setup program.Record Your TCP/IP SettingsNOTE: This step is critical if you are installing onto an NT4 computer!During the installation of VisNetic Firewall, you will be asked questions regarding theusage of each of the ne
4、twork adapters in your computer. In order to answer thesequestions, before you begin the installation you should record the followinginformation about each adapter in your system: Adapter Name: record the name of the adapter as it appears in your WindowsNetwork properties Connection Type: is this ad
5、apter connected to your internal LAN or to yourInternet connection? TCP/IP Settings: record the IP address(es), DNS Server settings, GatewaysettingHINT: A quick way to collect the adapter name and TCP/IP settings is to save theoutput from the Windows ipconfig command (this command is not available o
6、nWindows 95).Open the Command Prompt (or the MS-DOS Prompt on Windows 98 systems)Type in the following:ipconfig /all tcp.txtThis will output the TCP/IP settings for all adapters in your system to a text filecalled tcp.txt. You can then open this file in Notepad and print it out for referenceduring t
7、he installation. If you have 2 adapters with the same name, the order thatthey appear in the ipconfig output will be the same order that they are detectedduring the VisNetic Firewall installation.Formulate a Security PolicyBefore installing VisNetic, you should have a clear picture of the security p
8、olicy thatyou want the firewall to enforce. If you are installing VisNetic Firewall on an Internetserver, what service(s) do you need to make available to the public? Are yourunning a web server, email server, FTP server?If you are installing VisNetic Firewall on a computer that requires outbound ac
9、cess tothe Internet, what software do you want to allow to communicate? Do you requirebrowser access, FTP client access, remote control access?Because (by default) VisNetic Firewall works on the premise that all traffic will beblocked unless you specifically allow it, knowing what you want to permit
10、 through thefirewall is essential to ensuring that the firewall is blocking unwanted traffic, while stillallowing access to the Internet services that you require.Begin the InstallationOnce you have completed the above steps, you are ready to begin. To start theinstallation, double click on the setu
11、p file that you downloaded from the VisNeticFirewall web site.Setup: Welcome Screen & License AgreementWhen you execute the VisNetic Firewall setup file, you are presented with aWelcome Screen. It is recommended that you exit all other Windows programsbefore continuing with the installation. If you
12、have other programs running, click theCancel button to exit the installation, exit all other programs, then rerun the VisNeticFirewall setup file.If you have no other Windows programs running, click the Next button to continuewith the installation.You will then be presented with the End User License
13、 Agreement.Once you have read over the End User License Agreement, if you agree with theterms of the license click the “I agree“ radio button and click Next to continue.Setup: User InformationOn the User Information screen, enter your Name and Company Name. If you havepurchased a license, enter it i
14、nto the Registration Key field. If you are evaluatingVisNetic, leave the Registration Key field blank and click the Next button.If you have left the Registration Key field blank, you will be presented with a screenwhere you can choose to evaluate either the Workstation or the Server Version ofVisNet
15、ic Firewall.Important: If you are installing VisNetic Firewall onto a computer running NT4Server or Windows 2000 Server, you must choose the Server Version. If you areinstalling onto any other operating system, you can choose to evaluate either theServer or Workstation Version.Setup: Installation Di
16、rectoryThe default installation folder for VisNetic Firewall isc:Program FilesDVisNetic Firewall.If you would like to install VisNetic Firewall into a different folder, type the newlocation into the text field, or click the Browse button to select an installation folder.Troubleshooting Tip: If you a
17、re installing VisNetic Firewall onto a Windows NT4computer and receive a “Setup“ error during installation, run setup again and installVisNetic Firewall into a path that does not include spaces in the folder name (i.e.c:VisNetic). The fact that some NT4 systems have difficulty with spaces in foldern
18、ames is a well documented issue with Windows NT4.Setup: Shortcut FolderVisNetic Firewall setup will create a Start Menu Folder that contains all of theprogram icons for VisNetic Firewall. By default, a D submenu will becreated off of the Programs menu, with an VisNetic Firewall folder within it. If
19、youwould like to change the name or location of the VisNetic Firewall shortcut folder,type a different name into the text box, or click the down arrow to select an existingfolder to place the VisNetic Firewall icons into.Setup: Ready to InstallOnce you click the Install button on the Ready to Instal
20、l screen, the setup programwill begin copying files to your system and installing the necessary drivers andsupport files.IMPORTANT! NT Users Read This! If you are installing onto an NT4 computer andhave not completed the pre-installation steps, please Cancel the installation andgather the necessary
21、information before beginning. On NT4, during this portion ofthe installation you will be prompted to enter in the TCP/IP settings for each networkadapter in your system. If you have not documented this information beforebeginning the installation, you will not know how to fill in the screens that wi
22、ll bepresented to you.Windows NT4 InstallationsWhen installing VisNetic Firewall onto Windows NT4, after setup has copied thenecessary files, you will be prompted to configure the TCP/IP settings for theVisNetic Protocol Driver for each network adapter in your system.Using the notes that you took in
23、 the preinstallation steps, configure the IP Address,Subnet Mask, and Default Gateway for the network adapters that is displayed in thedropdown box. If you have more than one IP address assigned to a particularadapter, click the Advanced button to enter the additional IP address(es).After configurin
24、g the first adapter, use the dropdown arrow to select the next adapter(if present) and configure it according to your notes.Once you have completed the configuration for all adapters in the drop-down box,click the OK button to continue with the installation.Configuration Wizard SelectionThe VisNetic
25、 Firewall setup program includes a Firewall Configuration Wizard thatcan be used to help you configure your firewall.On this screen, you are presented with 4 choices:Yes, start the Configuration Wizard selecting this option is the best choice if youare installing VisNetic Firewall for the first time
26、. The Configuration Wizard will askyou a serious of questions, and automatically configure VisNetic Firewall with a set ofrules for each adapter in your system by using the information that you supply.No, I would like to manually configure my rulesets after the firewall is installed this option is f
27、or use by advanced users who are comfortable with manuallycreating rules. Selecting this option will result in VisNetic Firewall being installed withno rules and all traffic blocked by default.I have existing rules that I want to import for each adapter use this option ifyou have *.rls rules files f
28、rom a previous installation (or converted from ConSeal) thatyou would like to import onto your network adapters. This option is useful if you aremoving a firewall configuration from one computer to another, or if you have createda set of rules that you know will be appropriate for the configuration
29、of adapters inthis computer.Once you choose this option and click the Next button, you will be prompted toBrowse for a *.rls file for each adapter in your system.I am reinstalling and have a ruleset that I would like to use use this option onlyif you have previously saved a *.rul VisNetic Firewall r
30、uleset from this samecomputer and would like to reinstall using the same set of rules and configuration.After choosing this option and click the Next button, you will be prompted to enter apath to the *.rul ruleset file that you would like to use.If you are upgrading, your current ruleset will be au
31、tomatically entered.NOTE: a ruleset file cannot be shared across VisNetic Firewall installations, as theycontain adapter-specific information. To share rules between VisNetic Firewallinstallations, you would export rules from the first installation, then use “Ihaverules that I want to import“ option
32、 above to import these rules onto theappropriate adapters.Configuration Wizard Step 1 Computer ConnectionsThe first step in the Configuration Wizard asks you if your computer is connectedonly to the Internet, or to a Local Area Network (LAN) as well.Your answer to this question will help the Configu
33、ration Wizard determine whatadditional questions to ask.If you are installing VisNetic on a stand-alone computer, choose the first option “No,this computer is connected only to the Internet“.If you are installing VisNetic on a computer that communicates with a Local AreaNetwork (LAN) as well as havi
34、ng a connection to the Internet, choose the secondoption. You will then be asked if your computer acts as a gateway for othercomputers on the network. A gateway computer has some type of Internet sharing,NAT, or proxy server software installed on it that permits other computers on thenetwork to acce
35、ss the Internet through the connection on the gateway computer. Ifthe gateway computer is not connected to the Internet, then no other computers onthe network can access the Internet. Gateway computers will have at least 2network adapters in them, one connecting to the Local Area Network (LAN), and
36、theother to Internet connection (i.e. network card that connects to the cable modem,DSL modem, router, etc.).Configuration Wizard Step 2 Adapter ConfigurationOnce you have completed the first series of questions, the Configuration Wizard thenbegins to detect all of the network adapters in your compu
37、ter and ask somequestions about each one. A network adapter could be a modem, an Ethernetnetwork card, a virtual VPN adapter, or a virtual PPPoE adapter (used for some DSLconnections).For each network adapter detected, the Configuration Wizard will present a dialogbox, prompting you to specify what
38、the adapter is used for. Once you havecompleted the questions for one adapter, the Wizard will detect the next adapter (ifpresent) and again present you with this screen. After all adapters have beendetected and configured, you will see a summary screen that gives you theopportunity to make changes
39、to the rules that will be applied to each adapter (seeWizard Step 3).The Wizard will select its best guess, determined by the type of adapter that isdetected and by the IP address that is assigned to the adapter. If the selectionpresented does not appear correct, change it to one that more closely m
40、atches thepurpose of the adapter.If you have more than one network card in your computer, you will need to closelyexamine the name of the network card and the IP address to ensure that you areconfiguring each one correctly. Compare this information to the notes that you tookduring the preinstallatio
41、n steps to determine which network card is for the LAN, andwhich is connected to the Internet.Internal LAN AdapterSelect this option if the network adapter listed is connected ONLY to your local areanetwork. After choosing this option and clicking Next, you will be presented with ascreen asking you
42、if you want to permit all traffic over this LAN adapter, or onlycertain traffic.Option 1: Do Not Restrict AccessIn most cases, you will want to allow all traffic to pass freely over an internal LANadapter, and only be filtering traffic on your external Internet adapters. If this is thecase choose th
43、e first option, and the Wizard will configure this adapter to Allow AllTraffic.Option 2: Restrict AccessIn some cases, you will want to allow only certain local network traffic to be permittedto pass over this LAN adapter. After choosing the second option, “I want to restrictaccess“, you will be pre
44、sented with a screen listing possible types of traffic thatyou may want to allow. Click the box beside all services and applications that apply.A few of the selections may require some explanation:DHCP (for dynamic IP addresses): select this option if this computer receives an IPaddress from a DHCP
45、server on your network.DHCP Server: select this option if this computer is acting as a DHCP server whichassigns IP addresses to the other computers on the LAN.NetBIOS: selecting this option will put rules in place that will allow this computer tocommunicate with other computers on the network for th
46、e purposes of file and printersharing using NetBIOS over TCP.Option 3: Block all AccessChoosing this option will result in the firewall configuring this adapter to block alltraffic on this adapter.Internet AdapterSelect this option if the network adapter listed provides you with your connection toth
47、e Internet (i.e. connects to your cable modem or router). After clicking the Nextbutton, you will be asked whether you run client or server applications (or both) onthis computer.For each selection you choose, you will be presented with a list of applications. TheWizard will attempt to detect which
48、applications are installed, however you will needto look carefully at the list, selecting any that the Wizard did not detect, andunselecting any that were detected, but which you do not use.Client ApplicationsDepending on which options you choose in the Client Applications window, you willbe prompte
49、d to provide some further information that will assist the Wizard increating a tight set of rules that only apply to the specific servers that you need tocommunicate with.DNS Servers: the Configuration Wizard will attempt to detect the DNS Servers thatyou have configured for the network adapter. If it cannot detect your DNS settings,you have the opportunity to enter them here. The Wizard will use this information tocreate DNS rules that apply only to the DNS servers with which you communicate. Ifyou do not know the IP addresses of your ISP
