Enforcive/IP Packet Lockdown is the first line of defense in Enforcive's multiple-layer solution for the protection of System i computers, comprising intrusion detection, access control and IP packet filtering. It is based on IP packet filtering technology and allows you to easily setup and manage the ports and IP addresses from which you wish to receive network traffic and the specific System i ports at which you wish to receive that traffic. Similarly, you can define those addresses and ports you wish to lock down and prevent from communicating with the outside world. Access attempts from unauthorized network paths are blocked entirely from entering or leaving your computer.
Enforcive/IP Packet Lockdown comes with an integrated audit log of TCP/IP traffic through your System i ports. It can be viewed in the Enforcive/Enterprise Security Manager (the PC GUI client) or the product's native interface. The log can be filtered by parameters and displayed on-line, printed or saved. Like the other Enforcive audit logs, it can be drilled down to show the event details.
A powerful feature to improve usability is the option of associating IP addresses and ranges with descriptions like "John's PC" or ‘main building'. This makes setting up rules and viewing the event log much more intuitive - particularly helpful for auditors who may need to access the logs too.
When the definitions are activated any port access not defined in the rules will be blocked. Rules can be defined but left disabled until you decide to enable them and currently enabled rules can be disabled whenever you wish. The current activity status of IP packet filtering is conveniently displayed so you know whether filtering is active or not.