Setting General Definitions for Firewall
To set many definitions affecting Firewall, select 1. General Definitions from the iSecurity (part I) Global Parameters screen (STRFW > 81).
The Firewall General Definitions screen appears.
| Firewall General Definitions Emergency override ALL Security setting . 0 0=Regular (no override) 1=Allow, 3=Reject, 2=Allow+Log, 4=Reject+Log Work in *FYI* (Simulation) mode . . . . . N Y=Yes, N=No *FYI* is an acronym for "For Your Information". In this mode, security rules are fully operational, but no action is taken. Changes in FYI setting may result in changes of Intrusion Detection and Syslog activities. Add GrpPrf+SupGrpPrf, %Group auth . . . . Y Y=Yes, %=%Group only, N=No Enable Super Speed Processing . . . . . . N Y=Yes, N=No The functionality of the product is not affected by this setting. Set this value to N, well before you plan a "Hot Upgrade" of the product. This will enable temporary suspension of the activity during installation. Hot upgrade is safe . . . . . . . . . . . Y (See manual) Wizard Group by . . . . . . . . . . . . . 4 1=*USER, 2=*GRPPRF, 3=*USRGRP, 4=*GROUP, 5=*ALLGRP, 6=*ALL, 7=*ALLUSRG Default for Wizard cmds-Operation type . S S=Std, F=Fast Default for Wizard cmds-Collect Type . . A A=Add, R=Replace Start log display from . . . . . . . . . N N=Newest, O=Oldest Start query display from . . . . . . . . O N=Newest, O=Oldest F3=Exit F12=Previous |
The screen contains the following fields:
Emergency override ALL Security setting
Use this in emergencies to override all settings. The values and results are the same as if using the Firewall Emergency Override window as shown in Overriding Firewall Settings in Emergencies
- 0: Regular (no override): Obey all rules as usual. Leave the field set to this unless there is an emergency.
- 1: Allow: Allow all activity without logging.
- 2: Allow+Log: Allow all activity and log it.
- 3: Reject: Reject all activity without logging.
- 4: Reject+Log: Reject all access requests and log them. Use this setting to react to and trace intrusions.
Work in *FYI* (Simulation) mode
In FYI (For Your Information) Simulation mode, Firewall logs activity and its responses to it, but does not reject any activity or trigger other actions. You can use FYI mode to collect records of activity on your system that you can then use to train the Rule Wizards in creating Firewall rules that are optimized for your system.
To start FYI Simulation mode, set this field to Y.
To end FYI Simulation mode, set this field to N.
Enable Super Speed Processing
During normal activity, set Enable Super Speed Processing to Y. This keeps programs and their values in memory and keeps their files open, saving performance, since some tables are read into the memory at the beginning of each load. Files remain in memory for one minute (although they remained for ten minutes in the past). That duration is based on the minutes on the system clock rather than by counting sixty seconds. Thus, for example, a file read into memory at 00:00:30 would remain until 00:01:00 (not 00:01:30).
A transaction that arrives in a different minute is processed normally. The program ends after it closes all files and completely releases memory.
In general, this should be set at Y to allow for the faster processing. However, leaving files in memory prevents hot upgrades, in which new versions are loaded into memory while instances of the existing version are still running.
Set this field to N some time before you do a hot upgrade, to allow existing Firewall processes to complete and be cleared from memory.
Hot upgrade is safe
This read-only field is set to N if super speed processing has been enabled since the last hot upgrade. If it shows N, set the Enable Super Speed Processing field to N, wait for a reasonable time, then use the Work with Database SQL Server Jobs screen (STRFW > 1 > 29) to see which jobs may have been loaded with Firewall and might need to be ended before the upgrade.
Wizard Group by
The default value by which report output is grouped, as used in the Report Wizards (STRFW > 45 > 4‑6 and 41‑61). Possible values are:
- *USER: Grouped by the user name.
- *GRPPRF: If a user is a member of a single group, the user's activity is included under the group.
Otherwise, the activity is shown under the username.
- *USRGRP: If the user is a member of multiple groups, the user's activity is included under the first of those groups.
Otherwise, the activity is shown under the username.
- *GROUP: If the user is a member of a single group, the user's activity is included under that group.
Otherwise, if the user is a member of multiple groups, the user's activity is listed under the first of those groups.
Otherwise (if the user is not a member of any groups), the activity is shown under the username.
- *ALLGRP: If the user is a member of a single group plus up to fifteen supplemental groups. The user's activity is shown for each of those groups.
- *ALL: If the user is a member of a single group plus up to fifteen supplemental groups. The user's activity is shown for each of those groups.
Otherwise, if the user is a member of multiple groups, the user's activity is listed under the first of those groups.
Otherwise (if the user is not a member of any groups), the activity is shown under the username.
- *ALLUSRGRP: If the user is a member of more than one %group, the user's activity is shown for each of those %groups.
Start log display
Sets the order in which records in log displays appear. Possible values are:
- N: Show the newest records first
- O: Show the oldest records first.
Start query display
Sets the order in which records in query results appear. Possible values are:
- N: Show the newest records first
- O: Show the oldest records first.