Home >Documents >Security Tutorial v3.1.1 > 2. Operation > 2.2. Managed Firewall / Managed UTM Version2 > 2.2.6. How to Set up a Security Profile >2.2.6.4. Scan Ports : [ Target Scanned Ports ]

2.2.6.4. Scan Ports : [ Target Scanned Ports ]

You need to define a profile of the Scan Port, utilized at Firewall Policy.

Scan Ports provide an functionality enabling you to specify the certain port number of a Protocol being scanned by the Security function.

With Scan Ports, you can create a new profile, modify the number of respective ports for every protocol, or define the maximum limit of file sizes being canned with Anti-Virus function.

Following are the available protocols enabling you to configure: [ HTTP, FTP. IMAP, MAPI, POP3, SMTP, and NNTP ] Accordingly, any protocols other than these protocols are NOT allowed to be set up.

2.2.6.4.1. Default Value

The profiles of the default Scan port will be appeared, when your clicking [ Scan Ports ] by default.

The default profile is that the status code of the block page displayed when HTTP communication is blocked is 403.

For profiles with __upg notation at the beginning, the status code of the block page displayed when HTTP communication is blocked will be 200.

Following are the maximum limits of file sizes, which are targeted on scanning as well as ports being valid at the default Scan Ports Profile , respectively.

Protocol	Port	Size	Target Scanned Functions
HTTP	TCP 80	3 MB	Anti-Virus Function & Web-Filter Function
FTP	TCP 21	3 MB	Anti-Virus Function
IMAP	TCP 143	3 MB	Anti Virus Function & SPAM Filtering Function:
MAPI	TCP 135	3 MB	Anti-Virus Function
POP3	TCP 110	3 MB	Anti Virus Function & SPAM Filtering Function:
SMTP	TCP 25	3 MB	Anti-Virus Function
NNTP	TCP 119	3 MB	Anti-Virus Function

2.2.6.4.2. Setting Items

Following explains Scan Ports Profile setting items as described below:

Items	Values	Descriptions
Name	（Half-width alphabetic characters & half-width numbers)	Enter the name of profile. You can NOT utilize any two-byte characters, such as Japanese, and the following signs as below: < > ( ) # ' " , and spaces (blank)
Enable	Either [ □ ] (unmarking to the checkbox) or [ ✔ ] (marking the checkbox)	Once you mark to a specific protocol checkbox, the policy will be valid (active).
Port	(with half-width numbers)	Fill in the service port numbers to the relevant protocol. By separating ports with a half-width space, you can specify multiple port numbers. You need to fill in anything in the space.
Size	[1-10]	Select a maximum limit of file sizes for the target scanned file. The unit is [ MB ]. By default, [ 3 MB ] is set up.
Comment	（Half-width alphabetic characters & half-width numbers)	Fill in your comment if you like. Fill in your comment by using less than 225 letters. You can NOT utilize any two-bytes characters, such as Japanese.

Note

Size

We recommend that the maximum size limit of the target scanned file size is more than a default value, 3 MB, if any specific reason. This reason is why detecting the bigger file makes the load on a UTM function increase. Also, generally speaking, a file to deliver any malware tends to be smaller.

2.2.6.4.3. Adding Scan Ports Profile

1. Click the Routing from the left-side Object screen.

   Security Profile ‣ Scan Ports ‣ Scan Ports

   Click [ Add ] at Scan Ports of the right-side screen.

   

2. Click [ Save ] after you input the setting value.

   Input Setting Items: Scan Ports Profile to the setting value.

   

3. Apply configuration to the device by clicking [Apply configuration].

   

Note

• Please be sure to execute [Apply configuration] in Profile before create Firewall policy.

2.2.6.4.4. How to Change Profile (Edit / Duplication / Remove)

1. Click the Routing from the left-side Object screen.

   Security Profile ‣ Scan Ports ‣ Scan Ports

   Select the target changed line at Routing screen of the right-side. Click an operation button you need.

   

   
   

   Following describes respective buttons of Scan Ports .

   Buttons	Descriptions
   Edit	Modify the value of Scan Ports Profile that has already been set.
   Duplicate	After duplicating the existing Profile , the object setting screen will open with the same value. Make sure to change Profile Name. This is useful for you to define another Profile with the same value.
   Remove	Delete the selected Profile.

   
   

   When you deleting one , the confirmation message will display. Please click [OK] to finally execute its deletion.

   

   NOTE: You can not remove any object which has been utilizing at a Firewall Policy.

2. Apply configuration to the device by clicking [Apply configuration].

   

Note

• Please be sure to execute [Apply configuration] in Profile before create Firewall policy.

---

2.2.6.3. Spam Filter: [ Spam Filter Function Profile ]

2.2.7. Firewall Policy setting