Security

 Top  Previous  Next

On the Security tab, you can configure restrictions for network addresses from which Agents, network installers and other (“neighboring”) Dr.Web Servers will be able to access the Server.

To manage Server audit log, use the following flags:

Audit of administrator operations allows to log operations of administrator with Dr.Web Security Control Center and writing the log into the DB.

Audit of server internal operations allows to log Dr.Web Server internal operations and writing the log into the DB.

Audit of Web API operations allows to log operations via XML API.

To view the audit log, select the Administration option in the main menu, then Audit log item in the control menu.

The Security tab contains additional tabs on which you can set the restrictions for the correspondent types of connections:

Agents—the list of limitations on IP addresses from which Dr.Web Agents can connect to this Server.

Installations—the list of limitations on IP addresses from which Dr.Web Agents installers can connect to this Server.

Neighbors—the list of limitations on IP addresses from which neighbor Dr.Web Servers can connect to this Server.

Discovery service—the list of limitations on IP addresses from which broadcast queries can be received by the Server Detection Service.

To set access restrictions for any type of connection

1.Go to the correspondent tab (Agents, Installations, Neighbors or Discovery service).

2.To allow all connections, clear the Use this ACL flag.

3.To specify lists of allowed or denied addresses, set the Use this ACL flag.

4.To allow the access from a specific TCP address, include it into the TCP: Allowed or TCPv6: Allowed list.

5.To deny specific TCP address, include it into the TCP: Denied or TCPv6: Denied list.

To edit the address list

1.Specify the address in the corresponding field and click Save.

2.To add a new field, click the button in the corresponding section.

3.To delete a field, click .

The network address is specified as: <IP-address>/[<prefix>].

Lists for TCPv6 addresses will be available, if the IPv6 interface is installed on the computer.

Examples of prefix usage:

1.Prefix 24 stands for a network with a network mask: 255.255.255.0

Containing 254 addresses.

Host addresses look like: 195.136.12.*

2.Prefix 8 stands for a network with a network mask: 255.0.0.0

Containing up to 16387064 addresses (256*256*256).

Host addresses look like: 125.*.*.*

The addresses not included into any of the lists are allowed or denied depending on whether the Denial priority flag is set. If the flag is set, the Denied list has a higher priority than the Allowed list. Addresses not included in any of the lists or included into both of them are denied. Allowed only addresses that are included in the Allowed list and not included in the Denied list.