Content Access Control - Services

Use this screen to customize services for each user group.

Label

Description

Service to be Blocked

 

Available services

Select a service from the list and click the >> button to have the service blocked on a weekday (Monday to Friday) or to have the service blocked on a day in the weekend (Saturday or Sunday).

These services will be blocked according to the settings you configure in the Time Scheduling screen.

Click herefor more information on the services.

Blocked Services

This box shows all the services that you want to block during the specified time for the user group. Click the << button to remove a service from the box.

Customized Services

A Customized Service is a service that is not available in the pre-defined Available Services list and you must define using the next two fields.

Type

Services are either TCP and/or UDP. Select from either TCP or UDP.

Port Number

Enter a port number or a range of port numbers to define the service. For example, suppose you want to define the Gnutella service. Select TCP type and enter a port range from 6345-6349.

Add

Click Add to add a service to be blocked to the Blocked Services box.

Clear All

Click Clear All to empty the Blocked Services box.

Back

Click Back to return to the previous screen.

Apply

Click Apply to save your changes back to the Prestige.

Cancel

Click Cancel to return to the previously saved settings.

The Available Services list box displays some predefined services that the Prestige supports. The following table shows a list of services that can be configured. Next to the name of the service, two fields appear in brackets. The first field indicates the IP protocol type (TCP, UDP, or ICMP). The second field indicates the IP port number that defines the service. (Note that there may be more than one IP protocol type. For example, look at the default configuration labeled "DNS".(UDP/TCP:53) means UDP port 53 and TCP port 53).

Service

Description

AIM/New-ICQ(TCP:5190)

AOL’s Internet Messenger service, used as a listening port by ICQ.

AUTH(TCP:113)

Authentication protocol used by some servers.

BGP(TCP:179)

Border Gateway Protocol.

BOOTP_CLIENT(UDP:68)

DHCP Client.

BOOTP_SERVER(UDP:67)

DHCP Server.

CU-SEEME(TCP/UDP:7648, 24032)

A popular videoconferencing solution from White Pines Software.

DNS(UDP/TCP:53)

Domain Name Server, a service that matches web names (e.g. www.zyxel.com) to IP numbers.

FINGER(TCP:79)

Finger is a UNIX or Internet related command that can be used to find out if a user is logged on.

FTP(TCP:20.21)

File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail.

H.323(TCP:1720)

NetMeeting uses this protocol.

HTTP(TCP:80)

Hyper Text Transfer Protocol - a client/server protocol for the world wide web.

HTTPS(TCP:443)

HTTPS is a secured http session often used in e-commerce.

ICQ(UDP:4000)

This is a popular Internet chat program.

IKE(UDP:500)

The Internet Key Exchange algorithm is used for key distribution and management.

IPSEC_TUNNEL(AH:0)

The IPSEC AH (Authentication Header) tunneling protocol uses this service.

IPSEC_TUNNEL(ESP:0)

The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service.

IRC(TCP/UDP:6667)

This is another popular Internet chat program.

MSN Messenger(TCP:1863)

Microsoft Networks’ messenger service uses this protocol.

MULTICAST(IGMP:0)

Internet Group Multicast Protocol is used when sending packets to a specific group of hosts.

NEW-ICQ(TCP:5190)

An Internet chat program.

NEWS(TCP:144)

A protocol for news groups.

NFS(UDP:2049)

Network File System - NFS is a client/server distributed file service that provides transparent file sharing for network environments.

NNTP(TCP:119)

Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service.

PING(ICMP:0)

Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is reachable.

POP3(TCP:110)

Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other).

PPTP(TCP:1723)

Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the control channel.

PPTP_TUNNEL(GRE:0)

Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the data channel.

RCMD(TCP:512)

Remote Command Service.

REAL_AUDIO(TCP:7070)

A streaming audio service that enables real time sound over the web.

REXEC(TCP:514)

Remote Execution Daemon.

RLOGIN(TCP:513)

Remote Login.

RTELNET(TCP:107)

Remote Telnet.

RTSP(TCP/UDP:554)

The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet.

SFTP(TCP:115)

Simple File Transfer Protocol.

SMTP(TCP:25)

Simple Mail Transfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another.

SNMP(TCP/UDP:161)

Simple Network Management Program.

SNMP-TRAPS(TCP/UDP:162)

Traps for use with the SNMP (RFC:1215).

SQL-NET(TCP:1521)

Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers.

SSH(TCP/UDP:22)

Secure Shell Remote Login Program.

STRM WORKS(UDP:1558)

Stream Works Protocol.

SYSLOG(UDP:514)

Syslog allows you to send system logs to a UNIX server.

TACACS(UDP:49)

Login Host Protocol used for (Terminal Access Controller Access Control System).

TELNET(TCP:23)

Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems.

TFTP(UDP:69)

Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol).

VDOLIVE(TCP:7000)

Another videoconferencing solution.