Address Manager v9.5.0 introduced a new firewall for Address Manager. The Address Manager firewall increases resilience by adding additional firewall capabilities that were previously only available for DNS/DHCP Server appliances. This section describes configuration of the firewall through the Address Manager user interface. The firewall can also be configured through the Administration Console, refer to Address Manager firewall for more information.
Warning: Upon an
upgrade from Address Manager versions preceding v9.5.0 to
Address Manager v9.5.0+, ping settings will match the previous
configuration. However, enabling the new firewall option in
Address Manager will replace the previous
firewall configuration with the new default ruleset. Previous
manually created firewall rules will not migrate automatically
and must be configured on the new firewall. Refer to the
Customer Care portal (KI-17762) for more
information on migrating existing firewall rules to the new
firewall.
Warning: BlueCat strongly advises against
disabling the Address Manager
firewall. Disabling the firewall should only be
performed for servers in a secure environment and only for short
periods of time.
To configure the Address Manager firewall through the user interface:
- Select the Settings tab in the sidebar, then select Service configuration.
- Under Server management and configuration, locate the Firewall service panel and select Edit service.
- Select the Enabled check box to enable the firewall; deselect this check box to disable the firewall.
- Ping allowed—this option is only applicable when firewall service is enabled (ping cannot be blocked if firewall service is disabled). Select this checkbox to allow the Address Manager server to be pinged; deselect this checkbox to block pings.
- Select Save.