Example: preventing active mode FTP with a Protocol Agent
Company A has an FTP server that allows access from the Internet. The Firewall must only allow users to make passive mode FTP connections.
The administrators:
- Create a Service element for passive FTP.
- Attach the FTP Protocol Agent to the Service.
- Change the active mode FTP setting to No in the Service properties.
- Create an Access rule that allows users to connect to the FTP server using their custom-made Service element.
- Refresh the policy on the IPS engine.