2.2.6.4. Scan Ports : [ Target Scanned Ports ]

You need to define a profile of the Scan Port, utilized at Firewall Policy.
Scan Ports provide an functionality enabling you to specify the certain port number of a Protocol being scanned by the Security function.

With Scan Ports, you can create a new profile, modify the number of respective ports for every protocol, or define the maximum limit of file sizes being canned with Anti-Virus function.

Following are the available protocols enabling you to configure: [ HTTP, FTP. IMAP, MAPI, POP3, SMTP, and NNTP ] Accordingly, any protocols other than these protocols are NOT allowed to be set up.

2.2.6.4.1. Default Value

The profiles of the default Scan port will be appeared, when your clicking [ Scan Ports ] by default.
既定のScan Portsプロファイル
The default profile is that the status code of the block page displayed when HTTP communication is blocked is 403.
For profiles with __upg notation at the beginning, the status code of the block page displayed when HTTP communication is blocked will be 200.
Following are the maximum limits of file sizes, which are targeted on scanning as well as ports being valid at the default Scan Ports Profile , respectively.

Protocol

Port

Size

Target Scanned Functions

HTTP TCP 80 3 MB

Anti-Virus Function & Web-Filter Function

FTP TCP 21 3 MB

Anti-Virus Function

IMAP TCP 143 3 MB

Anti Virus Function & SPAM Filtering Function:

MAPI TCP 135 3 MB

Anti-Virus Function

POP3 TCP 110 3 MB

Anti Virus Function & SPAM Filtering Function:

SMTP TCP 25 3 MB

Anti-Virus Function

NNTP TCP 119 3 MB

Anti-Virus Function


2.2.6.4.2. Setting Items

Following explains Scan Ports Profile setting items as described below:

Items

Values

Descriptions

Name

(Half-width alphabetic characters & half-width numbers)

Enter the name of profile.
You can NOT utilize any two-byte characters, such as Japanese, and the following signs as below:
< > ( ) # ' " , and spaces (blank)

Enable

Either [ □ ] (unmarking to the checkbox) or [ ✔ ] (marking the checkbox)

Once you mark to a specific protocol checkbox, the policy will be valid (active).

Port

(with half-width numbers)

Fill in the service port numbers to the relevant protocol.
By separating ports with a half-width space, you can specify multiple port numbers. You need to fill in anything in the space.

Size

[1-10]
Select a maximum limit of file sizes for the target scanned file. The unit is [ MB ].
By default, [ 3 MB ] is set up.
Comment

(Half-width alphabetic characters & half-width numbers)

Fill in your comment if you like.
Fill in your comment by using less than 225 letters. You can NOT utilize any two-bytes characters, such as Japanese.

Note

Size

We recommend that the maximum size limit of the target scanned file size is more than a default value, 3 MB, if any specific reason. This reason is why detecting the bigger file makes the load on a UTM function increase. Also, generally speaking, a file to deliver any malware tends to be smaller.


2.2.6.4.3. Adding Scan Ports Profile

  1. Click the Routing from the left-side Object screen.
    Security Profile ‣ Scan Ports ‣ Scan Ports

    Click [ Add ] at Scan Ports of the right-side screen.

    Click Add


  1. Click [ Save ] after you input the setting value.
    Input Setting Items: Scan Ports Profile to the setting value.

    Save Object


  1. Apply configuration to the device by clicking [Apply configuration].

    Save Config


Note

  • Please be sure to execute [Apply configuration] in Profile before create Firewall policy.


2.2.6.4.4. How to Change Profile (Edit / Duplication / Remove)

  1. Click the Routing from the left-side Object screen.
    Security Profile ‣ Scan Ports ‣ Scan Ports

    Select the target changed line at Routing screen of the right-side. Click an operation button you need.

    Click Change


    Following describes respective buttons of Scan Ports .

    Buttons

    Descriptions

    Edit

    Modify the value of Scan Ports Profile that has already been set.

    Duplicate

    After duplicating the existing Profile , the object setting screen will open with the same value.
    Make sure to change Profile Name.
    This is useful for you to define another Profile with the same value.

    Remove

    Delete the selected Profile.


    When you deleting one , the confirmation message will display. Please click [OK] to finally execute its deletion.

    Confirm Delete Object

    NOTE: You can not remove any object which has been utilizing at a Firewall Policy.


  1. Apply configuration to the device by clicking [Apply configuration].

    Save Config


Note

  • Please be sure to execute [Apply configuration] in Profile before create Firewall policy.