Scribd Logo
Upload

Welcome to Scribd!

  • TOPOLOGIA NEREIDAS - Assessment Final@CEVSEDE

    Uploaded by

    Jhonatan Assis
    20 views42 pages
    Teste

    Copyright

    © © All Rights Reserved

    Available Formats

    XLS, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Teste

    Copyright:

    © All Rights Reserved
    Download as XLS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    20 views42 pages

    TOPOLOGIA NEREIDAS - Assessment Final@CEVSEDE

    Uploaded by

    Jhonatan Assis
    Teste

    Copyright:

    © All Rights Reserved
    Download as XLS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 42

    BoM

    Karoon - RJ
    Reestruturação de Redes LAN e WAN Cisco Topology

    Device Manager Inf.

    L2 Mapping

    Version Release Date Description of Change Revisor Name Switch Port Mapping

    0.1 7/11/2016 Inicial Marcelo Dias


    Server Mapping

    Routing Port Mapping

    Security - NAT

    Security - WEBFilter

    Security - ACL

    Security - SSL Dec.

    www. datavoice.net.br VPN


    Back Information about Manager Device Access

    Model (PN) Version S/N Location Hostname Manager IP Manager Vlan-ID Username Password

    WS-C3850-24T-S 03.06.05.E FCW2021F0AS BRSWTC01 10.20.100.1 100 admin


    Show Show
    running-config Tech-Support

    TECH_BRSWTC01.TXT

    sh_tech_BRFRWL01_29-3-17.txt

    Back

    TECH_BRS WAC02.TXT
    Device Manager Inf.
    TECH_BRSWAC01.TXT

    TECH_BRSWAC03.TXT
    Network
    Infraestructure
    Informations

    TECH_GW-VOZ-RJO-01.TXT

    RUN_GW-VOZ-FLP-01.TXT TECH_GW-VOZ-FLP-01.TXT
    Back Information about Manager Device Access wifi

    Hostname Management IP Model Fabricante ANDAR Location SWITCH PORT OBS


    AP_ADM_9_002 172.21.253.92 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_01 Gi1/0/1
    AP_ADM_9_003 172.21.253.93 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_01 Gi1/0/2
    AP_ADM_9_004 172.21.253.94 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_02 Gi1/0/1
    AP_ADM_9_006 172.21.253.96 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_02 Gi1/0/2
    AP_ADM_9_007 172.21.253.97 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_03 Gi1/0/1
    AP_ADM_9_008 172.21.253.98 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_03 Gi1/0/2
    AP_ADM_9_005 172.21.253.95 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_04 Gi1/0/1
    AP_ADM_9_001 172.21.253.91 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_04 Gi1/0/2
    AP_ADM_9_009 172.21.253.99 AIR-CAP1602I-T-K9 CISCO 9º SWT_ADM_9A_04 Gig 1/0/3
    AP_ADM_8_008 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_01 Gig 1/0/1
    AP_ADM_8_006 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_01 Gig 1/0/2
    AP_ADM_8_007 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_01 Gig 1/0/3
    AP_ADM_8_004 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_02 Gig 1/0/1
    AP_ADM_8_005 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_02 Gig 1/0/2
    AP_ADM_8_002 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_02 Gig 1/0/3
    AP_ADM_8_003 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_03 Gig 1/0/1
    AP_ADM_8_001 172.21.253.XX AIR-CAP1602I-T-K9 CISCO 8º SWT_ADM_8A_03 Gig 1/0/2
    AP_ADM_7_003 172.21.253.XX AIR-CAP1602I-T-K10 CISCO 7º SWT_ADM_7A_04 Gig 1/0/33
    AP_ADM_7_002 172.21.253.XX AIR-CAP1602I-T-K11 CISCO 7º SWT_ADM_7A_04 Gig 1/0/41
    AP_ADM_7_007 172.21.253.XX AIR-CAP1602I-T-K12 CISCO 7º SWT_ADM_7A_04 Gig 1/0/34
    AP_ADM_7_006 172.21.253.XX AIR-CAP1602I-T-K13 CISCO 7º SWT_ADM_7A_04 Gig 1/0/43
    Back

    CONTROLE WIFI
    Network
    Infraestructure
    Informations
    Back HOSTS

    HOSTS IP MAC Local sw PORTA VLAN


    Kit webex_Sala-gratidao 172.21.77.17 c4b2.39d6.f0db Sala Gratidao PT- sw-94 gi 1/0/36
    TV_sala Gratidao 0096.3989.7fe4 Sala Gratidao PT-175 sw-95 gi 1/0/10 77
    MAC OBS
    IP estátisco com com exclusão no core
    641c.67ad.3257 1
    1
    1 Back
    1
    1
    1
    1
    1
    1
    Back

    Topology (v1)

    Network
    Infraestructure
    Informations
    Back Network Layer 2 Mapping Informations

    Vlan ID (Number) Description Purpose SUB- NET Vlan Default Gateway Device Default Gateway
    1 Rede Legada Rede Legada 192.168.1.0/24 192.168.1.1 e 192.168.1.2 BRSWTC01

    4 GERENCIA_SERVIDORES
    5 BLADE_WINDOWS BLADE_WINDOWS 172.22.5.2/24 172.22.5.1
    6
    Back

    Layer 2 Mapping

    Network Infraestructure
    Informations
    Back Switch Port Mapping information and the Respective Core Remote Device Connection

    Hostname Port SW (01) Port IP Address/ VLAN Remote Device Hostname Remote Device Remote Device Port or DIO Port Type (Fiber/ ID Patch Panel Port Patch Panel Etherchannel
    Access/ Trunk Location Port UTP/Twinax) Group
    G1/0/1 Acess 116 FG_Karoon01 Datacenter RJ N/A UTP N/A N/A X
    G1/0/2 Trunk All BRVMW01 Datacenter RJ G1 UTP RACK 1 P3 7
    G1/0/3 Trunk All BRVMW01 Datacenter RJ G2 UTP RACK 1 P4 7
    G1/0/4 Trunk All BRVMW02 Datacenter RJ G1 UTP RACK 1 P5 6
    G1/0/5 Trunk All BRVMW02 Datacenter RJ G2 UTP RACK 1 P8 6 Sw
    G1/0/6 Trunk All BRVMW03 Datacenter RJ G1 UTP RACK 1 P7 5
    G1/0/7 Trunk All BRVMW03 Datacenter RJ G2 UTP RACK 1 P6 5
    G1/0/8 Trunk All BRVMW04 Datacenter RJ G0 UTP RACK 1 N/A X
    G1/0/9 Acess 1 OPTIMUSPRIME Datacenter RJ G0 UTP RACK 2 N/A X
    G1/0/10 Trunk All BRSTG01B Datacenter RJ e0a UTP N/A N/A 4
    G1/0/11 Trunk All BRSTG01B Datacenter RJ e0b UTP N/A N/A 4
    G1/0/12 Trunk All BRSTG01A Datacenter RJ e0a UTP N/A N/A 3
    BRSWTC01
    G1/0/13 Trunk All BRSTG01A Datacenter RJ e0b UTP N/A N/A 3
    G1/0/14 Trunk All BRSTG02-A-01 Datacenter RJ 1 UTP N/A N/A 8
    G1/0/15 Trunk All BRSTG02-A-02 Datacenter RJ 2 UTP N/A N/A 8
    G1/0/16 Trunk All BRSTG02-B-1 Datacenter RJ 1 UTP N/A N/A 9
    G1/0/17 Trunk All BRSTG02-B-2 Datacenter RJ 2 UTP N/A N/A 9
    G1/0/18 Trunk All BRFRWL01 Datacenter RJ G1/8 UTP RACK 2 P24 X
    G1/0/19 Trunk All BRSWAC02 Datacenter RJ G0/47 UTP X X 2
    G1/0/20 Trunk All BRSWAC02 Datacenter RJ G0/48 UTP X X 2
    G1/0/21 Trunk All BRSWAC01 Datacenter RJ G1/0/47 UTP X X 1
    G1/0/22 Trunk All BRSWAC01 Datacenter RJ G1/0/48 UTP X X 1
    G1/0/23 Trunk All BRSWAC03 Datacenter RJ Gi1 (e49) UTP X X X
    G1/0/24 Acess 111 BRGW-VOZ Datacenter RJ G0/0 UTP N/A N/A X
    G1/0/1 Access 101 Cisco 8945 Tim Hosking 2 N/A N/A N/A N/A
    G1/0/2 Access 101 N/A Flavia Barbosa 6 N/A N/A N/A N/A
    G1/0/3 Access 101 N/A Karen Albuquerque 80 N/A N/A N/A N/A
    G1/0/4 Access 101 N/A Marcia Torres 78 N/A N/A N/A N/A
    G1/0/5 Access 101 N/A Bruno Barone 141 N/A N/A N/A N/A
    G1/0/6 Access 101 N/A Luzia Romero 124 N/A N/A N/A N/A
    G1/0/7 Access 101 N/A Ricardo Canela 131 N/A N/A N/A N/A
    G1/0/8 Access 101 N/A Ricardo Abi Ramia 122 N/A N/A N/A N/A
    G1/0/9 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/10 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/11 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/12 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/13 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/14 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/15 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/16 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/17 Access 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/18 Access 1 N/A GGApp N/A N/A 2 5 N/A
    G1/0/19 Access 1 N/A Backup Server N/A N/A 2 6 N/A
    G1/0/20 Access 111 N/A Forti AP 159 N/A N/A N/A N/A
    G1/0/21 Access 111 N/A Forti AP 168 N/A N/A N/A N/A
    G1/0/22 Access 103 N/A Reservoir 38 N/A N/A N/A N/A
    G1/0/23 Access 103 N/A Luciano Caletti 153 N/A N/A N/A N/A
    G1/0/24 Access 103 N/A Daniel Maia 146 N/A N/A N/A N/A
    BRSWAC01
    G1/0/25 Access 103 N/A Bruna Bittencourt 148 N/A N/A N/A N/A
    G1/0/26 Access 103 N/A Reservoir 149 N/A N/A N/A N/A
    G1/0/27 Access 103 N/A Reservoir N/A N/A N/A N/A N/A
    G1/0/28 Access 103 N/A Reservoir N/A N/A N/A N/A N/A
    G1/0/29 Access 103 N/A Reservoir N/A N/A N/A N/A N/A
    G1/0/30 Access 103 N/A Reservoir N/A N/A N/A N/A N/A
    G1/0/31 Access 102 N/A Exploration N/A N/A N/A N/A N/A
    G1/0/32 Access 102 N/A Exploration 36 N/A N/A N/A N/A
    G1/0/33 Access 102 N/A Marcia Pinheiro 32 N/A N/A N/A N/A
    G1/0/34 Access 102 N/A Manuela Souza 28 N/A N/A N/A N/A
    G1/0/35 Access 102 N/A Exploration 26 N/A N/A N/A N/A
    G1/0/36 Access 102 N/A Andres Gordon 22 N/A N/A N/A N/A
    G1/0/37 Access 102 N/A Exploration 19 N/A N/A N/A N/A
    G1/0/38 Access 102 N/A Exploration 20 N/A N/A N/A N/A
    G1/0/39 Access 102 N/A Exploration N/A N/A N/A N/A N/A
    G1/0/40 Access 102 N/A Karina Jennings 54 N/A N/A N/A N/A
    G1/0/41 Access 102 N/A Lizbeth Kalizaya 50 N/A N/A N/A N/A
    G1/0/42 Access 102 N/A Exploration 48 N/A N/A N/A N/A
    G1/0/43 Access 102 N/A Thiago William 42 N/A N/A N/A N/A
    G1/0/44 Access 102 N/A Exploration 46 N/A N/A N/A N/A
    G1/0/45 Access 102 N/A Antonio Tisi 156 N/A N/A N/A N/A
    G1/0/46 Access 102 N/A Jobel Moreira N/A N/A N/A N/A N/A
    G1/0/47 Trunk All BRSWTC01 Datacenter RJ G1/0/21 UTP X X 1
    G1/0/48 Trunk All BRSWTC01 Datacenter RJ G1/0/22 UTP X X 1
    G1/0/1 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/2 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/3 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/4 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/5 Acess 116 Fortigate N/A N/A N/A N/A N/A N/A
    G1/0/6 Acess 1 N/A N/A N/A N/A N/A N/A N/A
    G1/0/7 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/8 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/9 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/10 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/11 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/12 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/13 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/14 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/15 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/16 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/17 Acesso 100 BRCFP01 Datacenter RJ MGN UTP N/A N/A N/A
    G1/0/18 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/19 Acess 100 BRSTG02AMGM Datacenter RJ MGN UTP N/A N/A N/A
    G1/0/20 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/21 Acess 100 BRSTG02BMGM Datacenter RJ MGN UTP N/A N/A N/A
    G1/0/22 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/23 Acess 100 BRSCLU01 Datacenter RJ MGN UTP N/A N/A N/A
    G1/0/24 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    BRSWAC02
    G1/0/25 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/26 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/27 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/28 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/29 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/30 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/31 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/32 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/33 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/34 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/35 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/36 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/37 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/38 Acess 1 N/A N/A N/A N/A N/A N/A N/A
    G1/0/39 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/40 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/41 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/42 Acess 1 N/A N/A N/A N/A N/A N/A N/A
    G1/0/43 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/44 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/45 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/46 Acess 101 N/A N/A N/A N/A N/A N/A N/A
    G1/0/47 Trunk All BRSWTC01 Datacenter RJ G1/0/19 UTP X X 1
    G1/0/48 Trunk All BRSWTC01 Datacenter RJ G1/0/20 UTP X X 1
    Back

    Switch Port Mapping

    Network
    Infraestructure
    Informations
    Back Server Mapping

    Local Hostname IP Address Function Physical or Virtual

    Sede proxycevdd 172.16.224.90 proxy Virtual


    SEDE CEVADMDC01 172.21.1.250 DNS Virtual
    SEDE proxycevad 172.21.1.252 DNS Virtual
    SEDE CEVADMDC03 172.21.1.251 DNS Virtual
    CD PROXYCEVAD 172.22.5.101 DNS PRIMARIO CD Virtual S
    SEDE admdc02 172.16.224.207 Virtual
    TS cevtsdc01 172.20.0.105 Virtual
    sede Proxy SEDE 172.21.2.240 PROXY Virtual
    Virtual
    Virtual
    Virtual
    Virtual
    Virtual
    Physical
    Physical
    Physical
    Physical
    Physical
    Physical
    Virtual
    Vitual
    Server
    Physical
    Physical
    Rio de Janeiro VM
    Rio de Janeiro VM
    Back

    Server Mapping

    Network
    Infraestructure
    Informations

    CD DNS PRI 172.22.5.101


    SEC 172.21.1.252
    Back Routing Port Mapping information and the Respective Remote Device Connection

    Firewall ASA-5516-X

    Hostname BRFRWL01
    Serial Number JAD202804G8
    Back
    Hostname Port Location Interface VIP IP/Network Mask

    N/A 200.186.31.226/29
    Gi1/1 CPD Gi1/1 Expressway 200.186.31.227/29 Routing Port Mapping
    FTP 200.186.31.228/29
    BRFRWL01 Gi1/2 CPD Gi1/2 N/A 192.168.0.253/24
    G1/8 CPD G1/8.116 N/A 10.20.116.2/24
    G1/8 CPD G1/8.117 N/A 10.20.117.1/24 Network
    M1/1 CPD M1/1 N/A N/A
    Infraestructure
    Informations

    Karoon_HA
    Hostname FG_Karoon01 Hostname FG_Karoon02
    Serial Number FGT60D4613036749 Serial Number FGT60D4613036788

    Hostname Port Location Interface VIP IP/Network Mask

    WIFI_CORP CPD WIFI_CORP N/A 10.20.112.1/24


    Sofit Sw. WiFi LAN For. CPD Sofit Sw. WiFi LAN For. N/A 10.20.113.1/24
    FG_Karoon01 WIFI-VISITANTE CPD WIFI-VISITANTE N/A 10.20.114.1/24
    INTERNAL1 CPD INTERNAL1 N/A 10.20.116.3/24
    WAN1 CPD Level3 N/A 200.186.31.229/29
    Back Security - NAT - Network A

    Interface de Origem Interface de Destino Rede ou IP de Origem NAT Outside (IP ou Rede NAT Inside (IP ou Rede
    Externo(a) Público) Interno(a) Pública

    10.20.0.0/16, 192.168.1.0/24 N/A N/A


    WAN-INSIDE DMZ
    y - NAT - Network Address Translation Information

    NAT
    Rede ou IP de Interna Rede ou IP de Interna de Destino Protocolo (IP/TCP/UDP) Aplicação Porta de Origem Porta de Destino da
    de Origem Interface Outside
    10.20.0.0/16, 10.20.117.0/24 IP ANY ANY ANY
    192.168.1.0/24
    Porta de Destino da Descrição da APP
    Interface Inside

    ANY ANY Back

    Security - NAT
    Security Infraestructure
    Informations
    Back Security - Firewall WebFilter Information

    Webfilter
    Rede ou IP de Origem Rede Ou IP de Destino Grupo ou Conta/AD Protocolo (IP/TCP/UDP) Aplicação Porta de Origem Porta de Destino

    Any Any N/A TCP/UDP N/A N/A NTP

    Any Any N/A TCP/UDP N/A NTP N/A

    IPv4-Private IPv4-Private N/A IP N/A N/A N/A

    Any Any N/A N/A FTP (FTP, Active, N/A N/A


    Passive, Data)

    Any Any N/A N/A WEB N/A N/A

    Jabber, Facetime,
    Goto(Meeting e suas
    variações), LinkdIn
    (Variações de APP),
    Any Any N/A N/A Lync (Variações de N/A N/A
    APP), Skype, Scorecard
    Research, Teamviewer,
    Webex, WhatsApp e
    Windows Life

    Any Any N/A N/A Dropbox N/A N/A

    Any Any N/A N/A WEB N/A N/A

    Youtube,
    Anonymizer/proxy,
    Any Any N/A N/A gaming, Instant N/A N/A
    messsaging, p2p, social
    networking, web
    spider
    Any Any Any Any Any Any Any
    Bac
    Categoria Permit/Deny IPS Malware Analyser Descrição

    N/A Permit Permite Consulta NTP


    Security - W
    Não Não
    N/A Permit Não Não Permite Query NTP

    N/A Permit Permite acesso VPN


    Não Não

    N/A Permit Permite acesso da


    Internet a FTP Internas
    Não Não

    Web Based Email, Streaming


    Media, Government, Business
    and Economy, Computer and Permit Não Sim Categorias URL
    Internet Info, Stock Advice Permitidas
    and Tools, Financial Services,
    (URL Group MPF e CSA)

    N/A Permit Aplicações Permitidas

    Não Não
    Personal Storage Permit Aplicações Permitidas
    Não Não

    Abortion, Abused Drugs, Adult


    and Pornography, Alcohol and
    Tabacco, Bot Nets, SPAM,
    Dating,Gambling, Games, Bloqueio de Categorias
    Hacking, Hate and Racism, Padrão
    Gross, Keyloggers, Malware,
    Marijuana, Nudity, Open HTTP
    Proxy, P2P, Phishing, Prozy
    Avoid, Shareware, Spyware,
    Stock Advice, Streaming
    Media, Uconfirmed SPAM,
    Violence, Weapons,
    Facebook, Youtube Deny Não Não

    N/A Bloqueio de App Padrão

    Deny Não Não


    Any Permit Sim Sim Permite Padrão *
    **
    Back

    Security - WebFilter

    Security
    Infraestructure
    Informations

    Legenda

    Bloqueio total.
    Somente Grupos ou Usuários específicos.
    Back Security - Firewall ACL Information

    Webfilter
    N. Status Rede ou IP de Origem Rede Ou IP de Destino Service Action Descrição

    DMZ
    1 Enable 10.20.117.76 10.20.111.76 IP,ICMP Permit
    10.0.0.0/8,
    2 Enable 10.20.117.76 172.16.0.0/12, ICMP, EXP_DMZ_INSIDE Permit
    192.168.0.0/16
    3 Enable 10.20.117.76 0.0.0.0/0 ICMP, EXP_DMZ_OUT Permit
    4 Enable 10.20.117.76 0.0.0.0/0 IP Deny
    LEVEL3
    1 Enable 203,176,184,235 0.0.0.0/0 IP,ICMP Permit
    2 Enable 10.20.99.0/24 10.20.117.0/24 IP,ICMP Permit
    10.20.117.76, 10.20.111.76, TRANSVERSAL-MEDIA-DMZ-
    3 Enable 10.20.111.76 10.20.117.76 OUT, Traversal-zone Permit

    4 Enable 0.0.0.0/0 10.20.117.76 Expressway-Internet Permit


    5 Enable 0.0.0.0/0 10.20.117.76 IP Deny
    10.0.0.0/8,
    6 Disable 0.0.0.0/0 172.16.0.0/12, IP,ICMP Permit
    192.168.0.0/16
    7 Disable 0.0.0.0/0 10.20.101.100 RDP Permit
    8 Enable 0.0.0.0/0 192.168.1.40 FTP Permit
    9 Enable 0.0.0.0/0 192.168.1.40 FTP-DATA Permit
    10 Enable 0.0.0.0/0 192.168.1.40 HTTP Permit
    11 Enable 0.0.0.0/0 10.20.111.45 TCP 53 Permit
    12 Enable 0.0.0.0/0 10.20.111.45 UDP 53 Permit
    13 Enable 0.0.0.0/0 192.168.1.50 TCP 22609 Permit
    14 Enable 0.0.0.0/0 10.20.111.45 GRE, PPTP Permit
    15 Enable 0.0.0.0/0 10.20.111.45 RDP Permit
    16 Enable 0.0.0.0/0 192.168.1.40 TCP 222 Permit
    17 Enable 0.0.0.0/0 0.0.0.0/0 IP,ICMP Permit
    VIRTUA
    1 Enable 0.0.0.0/0 0.0.0.0/0 IP,ICMP Permit
    WAN-INSIDE
    1 Disable 10.20.111.45 0.0.0.0/0 GRE, FTP, FTP-DATA, PPTP Permit
    2 Enable 0.0.0.0/0 0.0.0.0/0 IP,ICMP Permit
    GLOBAL
    1 Enable 0.0.0.0/0 0.0.0.0/0 IP Deny
    OBJECT GROUP
    Nome N. Protocolo Porta de Origem Porta de Destino ICMP Descrição
    1 UDP 30000-35999 514
    2 UDP 1024-65535 53
    3 TCP 30000-35999 389
    4 TCP 30000-35999 636
    EXP_DMZ_INSIDE
    5 TCP 1024-65535 80
    6 TCP 1024-65535 443
    7 TCP 1024-65535 22
    8 UDP 123 123
    1 UDP 1024-65535 53
    2 UDP 123 123
    3 TCP 15000-15999 1024-65535
    4 TCP 15000-15999 1720
    EXP_DMZ_OUTSIDE 5 TCP 30000-35999 1024-65535
    6 TCP 25000-29999 1024-65535
    7 UDP 5060 1024-65535
    8 UDP 24000-29999 1024-65535
    9 UDP 36000-59999 1024-65535
    TRANSVERSAL-MEDIA- 1 TCP 1024-65535 7001-7002
    DMZ-OUT
    Transversal-zone 1 TCP 7001-7002 1024-65535
    1 TCP 1024-65535 15000-19999
    2 TCP 1024-65535 2776
    3 TCP 1024-65535 1720
    4 UDP 1024-65535 36000-59999
    5 TCP 1024-65535 5061
    Expressway-Internet 6 UDP 1024-65535 3478
    7 UDP 1024-65535 24000-29999
    8 TCP 1024-65535 7001-7002
    9 TCP 1024-65535 5222
    10 TCP/UDP 1024-65535 5060
    11 TCP 1024-65535 8443
    Back

    Security - ACL

    Security
    Infraestructure
    Informations
    Back Security - SSL Decryption Information

    Webfilter
    Rede ou IP de Origem Rede Ou IP de Destino Grupo ou Conta/AD Protocolo (IP/TCP/UDP) Aplicação Porta de Destino

    10.20.112.0/24, Any Any Any Any Any


    10.20.114.0/24,

    Any Any Any Any Any Any

    Any Any Any Any Any Any

    Gmail, IMAPS, Mailbox,


    Any Any Any Any Outlook, Outlook Express, Any
    POP3S, SMTPS

    Any Any Any Any Any Any

    Any Any Any Any Any Any


    Back
    Categoria SSL Action Descrição
    Security - SSL Decryp
    Não realiza decriptografia
    Any Any Do not Decryption para análise de regras de
    categoria para redes wifi
    Security Infraestructu
    Informations

    itau.com.br, santander.com.br,
    bradesco.com.br, caixa.gov.br, Não realiza decriptografia
    Business and Economy, bb.com.br, para análise de regras de
    Do not Decryption
    Financial Services bradesconetempresa.b.br, categoria para sites de
    www.net13.bradesconetempresa.b.b banco
    r, bradesconetempresa.com.br

    Não realiza decriptografia


    para serviçoes de
    webmail e IM, para
    permitir acesso a
    Internet Communications, Any Do not Decryption webmail e aplicações de
    Web based emial comunicação (whatsapp)
    para dispositivos, para
    não instalar certificados
    localmente nas maquinas
    e smartphones

    Não realiza decriptografia


    Any Any Do not Decryption para análise de regras
    para aplicações webmail
    e correio de mensagens

    Não realiza decriptografia


    para análise de regras de
    Personal Storage .dropbox.com Do not Decryption categoria para sites
    personal storage
    (somente dropbox para
    APP)

    Decriptografá todo o
    Any Any tráfego encriptografado.
    Decryption

    Legenda
    *
    **
    Back

    ecurity - SSL Decryption

    Security Infraestructure
    Informations

    Legenda
    Bloqueio total.
    Somente Grupos ou Usuários específicos.
    Back VPN - Virtual Private Network Information

    VPN
    Interface de Origem Interface de Destino Rede Interna Rede Trafego de interesse Protocolo Tunnel Encription Hash DH
    (ESP/AH)

    LEVEL3 WAN-INSIDE 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 10.20.99.0/24 ESP 3DES SHA96 5

    LEVEL3 WAN-INSIDE 10.20.0.0/16, 192.168.1.0/24 192.168.4.0/24 ESP AES SHA 2

    10.10.10.0/24,
    10.10.20.0/24,
    10.30.10.0/24,
    LEVEL3 WAN-INSIDE 10.20.0.0/16, 192.168.1.0/24 10.10.50.0/24, ESP AES SHA 2
    192.168.100.0/24,
    192.168.101.0/24,
    172.16.1.0/24

    LEVEL3 WAN-INSIDE 10.20.0.0/16, 192.168.1.0/24 192.168.2.0/24 ESP AES SHA 2


    Lifetime Authentication Chave Remote Peer Local Peer Description

    86400 PSK !QAZ2wsx Any 200.186.31.226 VPN Client


    Back
    86400 PSK !QAZ2wsx 200.175.61.35 200.186.31.226 L2L Floripa

    VPN Information
    86400 PSK !QAZ2wsx 201.234.48.26 200.186.31.226 L2L Lima

    Security Infraestructure
    Informations

    86400 PSK !QAZ2wsx 203,176,184,237 200.186.31.226 L2L


    Australia

    You might also like