Control FWBlock

URI: FWBlock

Package: NetworkConnectivity

< prev | next >

Description: Means the default policy is to drop messages directed to a network address (interface) or via a network router (logical segment).

Interface	The interface between a Host and a Logical Subnet. Represents a possible point of control and a target for attack. If the Logical Subnet is an IP network, the Interface also represents the existence of an IP address.
LogicalSegment	A base class representing a route through a Host between any two distinct Logical Subnets of any kind.

CSG-BlockGatewayRoute	Apply a default firewall rule at gateway host *Gateway* to drop messages sent via the gateway from *FromSubnet* to *ToSubnet*, unless they are service requests or responses.
CSG-BlockInterface	Apply a default firewall rule at host *Host* to drop messages sent to the host from subnet *LogicalSubnet*, unless they are service requests or responses.
CSG-DisableServiceAccess-Runtime	Apply a default firewall rule at host *Host* to drop messages sent to services running on the host from subnet *LogicalSubnet. This strategy may represent a run-time adaptation in response to a threat, or a permanent restriction introduced by design or in accordance with an operational policy or user preference. It also triggers threats representing side effects that would be caused by such a restriction, which affect access to services running on Host* but not other uses of its connection to *LogicalSubnet*.