The Webwall functionality of the Array appliance allows you to create permit/deny rules to filter packets passing through your network infrastructure. The Webwall supports the filtering of TCP, UDP and ICMP packets. Using access lists you will define these permit and deny rules and apply them to access groups. Once the access lists are configured, you may apply or bind the group to an interface within the network.

For more information on webwall please see our application guide.
Note: by default the Webwall is turned off.

 You will need to configure 3 places for this feature: (1) Add Access List Entry (2) Add Access Group Entry (3) Turn on webwall

1.
CLI: accesslist {permit|deny} {icmp|tcp|udp} {echorequest|echoreply} <source_ip> <source_mask> <destination_ip> <destination_mask> <accesslist_id>
   Example: (config)#accesslist permit icmp echorequest 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 100

Webui for Array TMX OS 6.4 or later: double click on "Add Access List Entry"

Note: “accesslist deny” priority is higher than “accesslist permit”

2.
CLI: webwall <interface> {on|off}
   Example: (config)#webwall inside on

Webui for Array TMX OS 6.4 or later: double click on "Add Access Group Entry"

3.
accessgroup <accesslist_id> <interface>
   Example: (config)#accessgroup inside 100
accesslist_id: The identification number assigned to this grouping of members. This value should match the value established for the access list member created with the
accesslist command.
interface: The associated interface for this access grouping; may be outside, inside, dmz, eng or any defined VLAN and bond interfaces.