Help

Installation

Managing Your Ally Security Appliance

Your Ally security appliance is managed using Internet Explorer (Version 5.0 or higher).

The next step to Plug and Protect™ is to ensure no known, or trusted, IP Address has been “blacklisted” based on the default Ally configuration. Once the Ally has been online for approximately two minutes, perform the following from the Ally Management Console:

 

Ally IP1000 Command

What Happens?

View the Ally Management Console “Blacklist” page

Display Current Blacklist: This command displays the currently “blacklisted” IP Addresses and identifies whether the address was detected on the “inside” or “outside” network. Blacklisted IP Addresses should be reviewed to verify if they are “trusted”. If a Trusted IP Address appears in this list, the next command in this table should be used to place it on the “whitelist”. This will allow the node to continue to function properly while analysis to determine why it was “blacklisted” is performed. If the IP Address is not a Trusted IP Address, then the “blacklisted” entry should remain on the blacklist, with no further actions to be taken.

Use the Ally Management Console “Blacklist” page to add a Trusted IP Address to the Inside or Outside “Whitelist” according to the location of the Trusted IP Address.

 

Add Trusted IP Address to Permanent Whitelist: This command automatically removes the IP Address from the “blacklist” and adds the IP Address to the permanent “whitelist” for the Inside or Outside Adapter. It is important to remember there are separate blacklists and whitelists for both the Outside and Inside adapters.

 

 

Arxceo recommends performing the following three steps as a component of your scheduled systems security maintenance:

 

  1. Review Blacklist:  Perform the steps listed above in order to see IP Addresses that have been blacklisted.
  2. Review Ally Statistics:  The current Ally statistics counters can be viewed from the Ally Management Console “Statistics” page
  3. Review Ally Event Log:  The Ally records security events and configuration information in the system event log. The most recent 100 events can be viewed from the Ally Management Console “Event Log” page. If you want to review all events, access this same page and save the log file to your local computer for review or import into another application.

Additionally, whenever a trusted IP address or system seems to have lost network access, review the blacklist and event log as described above. Ally IP1000 Intrusion Protection Messages indicating when and why an IP address was blacklisted or when and why a packet was discarded will be found in the event log.

 

Copyright 2005 Arxceo Corporation. All Rights Reserved. Trademarks  Privacy Statement  Site Map