Qbik Helpsys

Prev (Scheduling) Next (Connection types) Up (Network Interface classification)
Skip to user comments Add a comment

Network interface classification

The ENS driver provides the firewall, and port security filters so you can control connections to and from any WinGate network interface. To assist with this, WinGate will automatically attempt to classify what type of network each interface is connected to. It does this by examining what IP address details (if any) have been set for the network interface.

There are 3 classifications that can be set by WinGate:

  1. Internal (protected network)

    If the network interface has a private IP address, then WinGate will consider the interface as being safe (e.g. this adapter connects to the LAN). WinGate network services will automatically bind to network interfaces marked as Internal.

  2. External (untrusted network)

    If the network interface has a public IP address, then WinGate will see it as an Internet connection. WinGate considers the Internet to be an untrusted network.

    Note

    Network adapters that do not have any IP addresses set, are also marked as External (untrusted) since they could potentially be configured with either a private or public IP address.

  3. External secure network (DMZ)

    This classification is for interfaces that are connected to a DMZ (Demilitarized Zone). This classification is not given automatically by WinGate, it must be manually set (see below).

    License restriction: DMZ classifications are only available when using a WinGate Professional or WinGate Enterprise license.

Classification usage

WinGate uses these classifications for a wide range of purposes through out its operation. The most common are:

  1. To help the ENS firewall determine what type of connection is being received on a WinGate network interface. This allows it allow, deny, or redirect the traffic as required. Read more about connection types.

  2. When it is determining which interface it should dynamically bind to a network service. WinGate will automatically bind adapters marked as Internal to most network services, so they can begin listening and responding automatically to client requests from the LAN.

    Read more about network bindings

Manual classifications

WinGate allows you to manually set the classification of each interface, depending on what security requirements you have.

Note

Remember to choose your classification carefully since changing a network interface classification can have serious consequences to the way WinGate operates.

To set the classification manually:

  1. Open the WinGate Management console.
  2. Navigate to Control Panel > Network connections.
  3. Double click on the network interface entry you want to classify. This will open the WinGate specific properties for the adapter.
  4. On the General tab select the desired classification radio button.
  5. Click OK to apply the classification.

©2012 Qbik New Zealand Limited

Community content

  1. no comments yet...

Download helpfile

You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:

  • event management (no quotes) will find all pages containing the words "event" OR "management"
  • "event management" (with quotes) will find all pages containing the phrase "event management"
  • +event -management will find all pages containing the word "event", AND NOT the word "management"