How to enforce specific access rules for the traffic handled by AXIGEN's Services
Solution
AXIGEN provides the administrator with the tools needed to enforce access restrictions for each SERVICE. This is done via Allow/Deny rules that can be enabled either at the SERVER level for a system wide control or if a more granular control is required at the SERVICE level. These access rules can be created to match certain IP addresses or blocks of IP addresses, specified by a given range or in an IP/SM format.
Enforcing system wide rules can be done from WebAdmin->Security & Filtering context->Global Access Control. From this section you can choose to deny access to all of AXIGEN services from specified IPs / IP Ranges.
This approach will enforce any defined global policies to all SERVICES.
Each activated service also supports access rules and such policies can be enforced from the WebAdmin interface -> Services context -> by selecting the required Service (IMAP/POP3/WebMail/SMTP Receiving). In the Access Control section for each of these modules a default rule exists which allows access to all traffic. This implicit rule acts as a policy for the entire chain of rules and if no other rules will be matched by incoming traffic the action of this rule will be applied.
For a more granular control on each individual SERVICE, access policies can also be defined directly on individual listeners.
Note:
By defining access policies at the SERVICE level, you can also tweak the Traffic Flow when creating Allow rules thus controlling actions such as the total number of connections.
Enforcing system wide rules can be done from WebAdmin->Security & Filtering context->Global Access Control. From this section you can choose to deny access to all of AXIGEN services from specified IPs / IP Ranges.
This approach will enforce any defined global policies to all SERVICES.
Each activated service also supports access rules and such policies can be enforced from the WebAdmin interface -> Services context -> by selecting the required Service (IMAP/POP3/WebMail/SMTP Receiving). In the Access Control section for each of these modules a default rule exists which allows access to all traffic. This implicit rule acts as a policy for the entire chain of rules and if no other rules will be matched by incoming traffic the action of this rule will be applied.
For a more granular control on each individual SERVICE, access policies can also be defined directly on individual listeners.
Note:
By defining access policies at the SERVICE level, you can also tweak the Traffic Flow when creating Allow rules thus controlling actions such as the total number of connections.
OS:
LinuxFreeBSDNetBSDOpenBSDSolaris
Distros:
DEB based distros amd64