Add/Modify Internet Access Audit
Use this function to add or modify an Internet access audit policy.
Operation Procedure
- Enter the Internet access audit policy page.
Approach 1: Click the User tab, and click the User Security Policy link to enter the User Security Policy homepage. On the homepage, click the Endpoint Access Control link, and click Internet Access Audit.
Approach 2: Click the User tab, and select User Security Policy > Endpoint Access Control > Internet Access Audit from the navigation tree.
- Click Add, or click the Modify icon of an audit policy.
- Set the basic information for the audit policy.
- Click Add on the Audit ACL Rule List. The window for adding an audit ACL rule appears. Configure an audit ACL rule and click OK. Repeat the previous steps to add more ACL rules to the policy.
- Click OK.
Parameters
- Default Action: Specifies how the client will handle the packets that are not controlled by the ACL rules configured in the policy. Options include Audit and Not Audit.
- Service Group: Select a service group for the policy. The service group ensures privilege management of the policy. The administrators and maintainers can add the policy to one of the service groups to which they have the management privilege.
- Audit ACL Rule List: Lists all the audit ACL rules in the policy.
Internet Access Audit Parameters
- By default, audit ACL rules only apply to outbound packets, and do not take effect for inbound packets.
- Protocol: Protocol used by the packets. Selecting All IP protocols makes the rule control all IP packets.
- Enable Audit: Indicates whether to audit the packets or not. Options include Audit and Not Audit.
- Destination IP: Destination IP address of the packets.
- Mask: Subnet mask of the destination IP address.
- Destination Port: Destination port number of the packets. This parameter appears only when Protocol is set to TCP or UDP. The default setting is 0, indicating any available port.
Precautions
- An Internet access audit policy name cannot be the same as any existing Internet access audit policy.
- An audit policy must contain at least one audit ACL rule.
- When you modify an Internet access audit policy, you cannot modify the name and service group of the policy.
- The value of the destination IP address displayed in the Audit ACL Rule List is the result of a bitwise AND operation between the destination IP address and the subnet mask entered by the user.
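To review a planned policy before entering it, the parameters above can be modelled offline. The following Python sketch is an added example, not code from the product: it computes the destination value the Audit ACL Rule List would display and the audit decision for an outbound packet. The names `AuditRule`, `decide` and the `"ALL"` protocol label are hypothetical, the sample rules are constructed, and first-match rule ordering is an assumption because the page does not state how overlapping rules are resolved.

```python
import ipaddress
from dataclasses import dataclass

ANY_PORT = 0  # page default for Destination Port: any port


def _to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


@dataclass(frozen=True)
class AuditRule:
    protocol: str   # "TCP", "UDP" or "ALL" (label assumed for All IP protocols)
    dest_ip: str    # Destination IP as entered by the administrator
    mask: str       # Mask
    audit: bool     # Enable Audit: True = Audit, False = Not Audit
    dest_port: int = ANY_PORT

    def displayed_dest(self) -> str:
        """Destination IP AND Mask, the value shown in the Audit ACL Rule List."""
        return str(ipaddress.IPv4Address(_to_int(self.dest_ip) & _to_int(self.mask)))

    def matches(self, protocol: str, dest_ip: str, dest_port: int) -> bool:
        if self.protocol not in ("ALL", protocol):
            return False
        mask = _to_int(self.mask)
        if (_to_int(dest_ip) & mask) != (_to_int(self.dest_ip) & mask):
            return False
        # Destination Port exists only for TCP/UDP rules; 0 matches any port.
        if self.protocol in ("TCP", "UDP") and self.dest_port != ANY_PORT:
            return dest_port == self.dest_port
        return True


def decide(rules, default_audit: bool, protocol: str, dest_ip: str, dest_port: int = 0) -> bool:
    """Return True if an outbound packet is audited (inbound is not modelled)."""
    for rule in rules:  # ASSUMPTION: the first matching rule wins
        if rule.matches(protocol, dest_ip, dest_port):
            return rule.audit
    return default_audit  # Default Action for packets no rule controls


# Constructed sample policy, not taken from a real deployment.
RULES = [
    AuditRule("TCP", "10.1.2.77", "255.255.255.0", audit=False, dest_port=443),
    AuditRule("ALL", "10.0.0.0", "255.0.0.0", audit=True),
]
```

The first sample rule was entered with host bits set, so its displayed destination differs from what was typed; comparing `displayed_dest()` with the entered address is a quick way to catch a mask that covers more hosts than intended.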