Address Manager firewall - BlueCat Integrity - 9.5.0

Address Manager Administration Guide

Product name
BlueCat Integrity

Configure the Address Manager firewall through the Administration Console.

Address Manager v9.5.0 introduces a new firewall for Address Manager. The new Address Manager firewall increases resilience by adding additional firewall capabilities that were previously only available for DNS/DHCP Server appliances. This section describes configuration of the firewall through the Address Manager Administration Console. The firewall can also be configured through the user interface, refer to Configuring the Address Manager firewall for more information.

Warning: Upon an upgrade to Address Manager v9.5.0, ping settings will match the previous configuration. However, enabling the new firewall option in Address Manager will replace the previous firewall configuration with the new default ruleset. Previous manually created firewall rules will not migrate automatically and must be configured on the new firewall. Refer to the Customer Care portal (KI-17762) for more information on migrating existing firewall rules to the new firewall.
Warning: BlueCat strongly advises against disabling the Address Manager firewall. Disabling the firewall should only be performed for servers in a secure environment and only for short periods of time.

You can view the current state of the Address Manager firewall service by entering show firewall from Main Session mode or show from Firewall Configuration mode.

Proteus> show firewall
Firewall enabled
Allow ping enabled
Press Tab to view a list of available commands, or type ? to view a description of each available item:
  • exit—exit from Firewall configuration mode.
  • help—display help information.
  • history—display the current session’s command line history.
  • show—show firewall status.
  • start—enables and starts the firewall.
  • set—set ping configuration.
    • set allow-ping enable—allow the Address Manager server to be pinged.
    • set allow-ping disable—block pings.
  • stop—stops and disables the firewall.