Security

On the Security tab, you can configure restrictions for network addresses from which Agents, network installers and other (“neighboring”) Dr.Web Servers will be able to access the current Dr.Web Server.

To manage the Dr.Web Server audit log, use the following flags:

Audit of administrator operations allows to log operations of administrator with Dr.Web Security Control Center and writing the log into the DB.

Audit of server internal operations allows to log Dr.Web Server internal operations and writing the log into the DB.

Audit of Web API operations allows to log operations via XML API.

info

To view the audit log, select the Administration option in the main menu, then Audit log item in the control menu.

The Security tab contains additional tabs on which you can set the restrictions for the correspondent types of connections:

Agents—the list of limitations on IP addresses from which Dr.Web Agents can connect to this Dr.Web Server.

Installations—the list of limitations on IP addresses from which Dr.Web Agents installers can connect to this Dr.Web Server.

Neighbors—the list of limitations on IP addresses from which neighbor Dr.Web Servers can connect to this Dr.Web Server.

Discovery service—the list of limitations on IP addresses from which broadcast queries can be received by the Dr.Web Server Detection Service.

To set access restrictions (separately for Agents, Installations, Neighbor Dr.Web Servers or Discovery service)

1.Set the Use this ACL flag to specify lists of allowed or denied addresses. If the flag is cleared, all connections are allowed.

2.To allow the access from a specific TCP address, include it into the TCP: Allowed or TCPv6: Allowed list.

3.To deny specific TCP address, include it into the TCP: Denied or TCPv6: Denied list.

4.The addresses not included into any of the lists are allowed or denied depending on whether the Denial priority flag is set. If the flag is set, the Denied list has a higher priority than the Allowed list. Addresses not included in any of the lists or included into both of them are denied. Allowed only addresses that are included in the Allowed list and not included in the Denied list.

To edit the address list

1.Specify network address in the corresponding field in the following format: <IP address>/[<network prefix>].

2.To add a new field, click the icon-item-add button in the corresponding section.

3.To delete a field, click icon-item-remove next to the deleting address.

4.Click Save to apply settings.

info

Lists for TCPv6 addresses will be available, if the IPv6 interface is installed on the computer.

Examples of prefix usage:

1.Prefix 24 stands for a network with a network mask: 255.255.255.0

Containing 254 addresses.

Host addresses look like: 195.136.12.*

2.Prefix 8 stands for a network with a network mask: 255.0.0.0

Containing up to 16777214 addresses (256*256*256-2).

Host addresses look like: 125.*.*.*