Rules

  • Create Firewall Rule
    To create and configure firewall rules, go to the Rules> Firewall tab in the Timus Manager:
    Click the Create New button on the top right of the page.
    Configuration of Firewall
    • Action can be Allow or Deny.
    • Status is selected as Enabled by default. Yet, you can select Disabled while creating a rule to make it enabled later.
    • The Source can be Network, Site, IP, Location(GeoIP), User, Team, Device, Tag and you are allowed to add multiple sources.
    • The Destination can be Network, Site, IP, User, Team, Device, Tag, Category, Website, Keywords and you are allowed to add multiple destinations.
    • The service can be selected from the pre-defined list as shown in the image below or you can select Custom to customize the rule. If you would like to define a rule for both TCP and UDP, you can select TCP/UDP as shown in the image below. You are allowed to define multiple services.
    • You can block/allow any countries by using the option Location on both Source and Destination.

    Services

    Service Category
    HTTP
    Web Access
    HTTPS
    VoIp
    SIP
    Database Access
    MSSQL_SERVER
    MSSQL_MONITOR
    MYSQL
    POSTGRESQL
    Remote Access
    RDP
    SSH
    TELNET
    VNC-RFB
    RPC
    DCE-RPC
    File Access
    FTP_DATA
    FTP_CONTROL
    TFTP
    SMB
    Network Services
    DNS
    DNS_MULTICAST
    DNS_OVER_TLS
    DNS_OVER_QUIC
    DHCP_SERVER
    DHCP_CLIENT
    NTP
    SNMP
    SYSLOG
    SSDP_UDP
    SSDP_TCP
    Email
    IMAP
    IMAPS
    POP3
    POP3S
    SMTP
    SMTPS
    Authentication
    LDAP
    LDAPS
    RADIUS
    KERBEROS_AUTH
    KERBEROS_PWD
    KERBEROS_ADMIN
    Protocol
    HOPOPT
    ICMP
    IGMP
    GGP
    IPv4
    ST
    TCP
    CBT
    EGP
    IGP
    BBN-RCC-MON
    NVP-II
    PUP
    ARGUS
    EMCON
    XNET
    CHAOS
    UDP
    MUX
    DCN-MEAS
    HMP
    PRM
    XNS-IDP
    TRUNK-1
    TRUNK-2
    LEAF-1
    LEAF-2
    RDP
    IRTP
    ISO-TP4
    NETBLT
    MFE-NSP
    MERIT-INP
    DCCP
    3PC
    IDPR
    XTP
    DDP
    IDPR-CMTP
    TP++
    IL
    IPV6
    SDRP
    IPV6-ROUTE
    IPV6_FRAG
    IDRP
    RSVP
    GRE
    DSR
    BNA
    ESP
    AH
    I-NLSP
    SWIPE
    NARP
    MIN-IPV4
    TLSP
    SKIP
    IPV6-ICMP
    IPV6_NONXT
    IPV6_OPTS
    CFTP
    SAT-EXPAK
    KRYPTOLAN
    RVD
    IPPC
    SAT-MON
    VISA
    IPCV
    CPNX
    CPHB
    WSN
    PVP
    BR-SAT-MON
    SUN-ND
    WB-MON
    WB-EXPAK
    ISO-IP
    VMTP
    SECURE-VMTP
    VINES
    IPTM
    NSFNET-IGP
    DGP
    TCF
    EIGRP
    OSPFIGP
    SPRITE-RPC
    LARP
    MTP
    AX.25
    IPIP
    MICP
    SCC-SP
    ETHERIP
    ENCAP
    GMTP
    IFMP
    PNNI
    PIM
    ARIS
    SCPS
    QNX
    A/N
    IPCOMP
    SNP
    COMPAQ-PEER
    IPX-IN-IP
    VRRP
    PGM
    L2TP
    DDX
    IATP
    STP
    SRP
    UTI
    SMP
    SM
    PTP
    ISIS_OVER_IPV4
    FIRE
    CRTP
    CRUDP
    SSCOPMCE
    IPLT
    SPS
    PIPE
    SCTP
    FC
    RSVP-E2E-IGNORE
    MOBILITY_HEADER
    UDPLITE
    MPLS-IN-IP
    MANET
    HIP
    SHIM6
    WESP
    ROHC
    ETHERNET
    AGGFRAG
    NSH

    If you enable Custom Source Port, you are allowed to define a specific source port. Otherwise, the source port would be selected as Any.

    • Clear sessions: If enabled, all the existing sessions of the source items in the rule will be cleared when the rule is applied. This means the rule will be enforced immediately for all source items, without the need to wait for termination of their existing sessions. If disabled, the rule will be enforced for the source items after their existing sessions are terminated. This is disabled by default.
    • Log rules: If enabled, traffic logs related to this rule will be collected. Otherwise, they will not be collected. This is enabled by default.
    • Schedule: This is defined as Everyday. If you would like to select a specific period of time/duration, you can modify the schedule depending on your needs.
    • There are 2 rules defined by default and they are not editable, deletable or movable.

    • If you would like to prioritize the rules you have created, you can use the drag-and-drop directive, and the rule order is from top to bottom.
    • To be able to block the paths on the URLs lie example.com/timus, you need to make sure that the SSL Inspection is enabled on the device and the certificate has been installed successfully.

     

     

     

    See more
  • Web Categories and Rules
    This article explains the process of creating firewall rules for a website or categories of websites. Furthermore, it explains you more details about the name of the categories and their descriptions in detail.
    To be able to manage and use the Web Categories, you need to go to the page the Timus Manager -> Rules -> Web Categories.
    • If you want to look up the domain, you can use the search bar to enter a domain to search as shown in the image below.

    • We support Import functionality for the domain entries with a csv file, you can click on Import to be able to add the domains faster as shown in the image below. You can click on Download Sample and you can add your domains accordingly.

    • You can either customize a web category by clicking on Create New or use the pre-defined categories as shown in the image below.

    • As an example, here is a new created category called Knowledge Base and there are 2 domains www.timusnetworks.com and timusnetworks.com in it.

    • You can either Include the domains or exclude the domains by editing the web category. Please note that you are not allowed to edit or delete the predefined web categories.

     

    Adult

    The "Adult" category comprises web pages containing images or videos depicting sexual acts, sexual arousal, or explicit nude imagery with a sexual intent. It also includes pages that use frequent or serious profanity. Additionally, this category encompasses pages whose primary content is child-appropriate, but with regular or irregular sections featuring sexually themed, non-educational material. Web pages with sexual content, products, or services related to sex, but without explicit nudity, are part of this category. It also includes pages featuring tasteless content, such as cruelty to animals, bathroom humor, and other potentially inappropriate material for children.

    Alcohol

    The "Alcohol" category includes web pages that promote, advocate, or sell alcohol, encompassing a variety of beverages such as beer, wine, and hard liquor. These pages may feature information about different types of alcoholic products, brands, and related events. They could also provide details on the production, distribution, and consumption of alcoholic beverages. Additionally, these web pages might offer the option to purchase alcohol online or provide resources for locating physical stores selling such products. The content within this category is focused on the promotion and commercial aspects of the alcohol industry.

    Anonymizers

    The "Anonymizers" category includes web pages that promote the use of proxies and anonymizers. These tools are intended to facilitate anonymous and unrestricted access to websites by bypassing filters and other online restrictions. Anonymizers are often employed to conceal the user's identity and location, allowing them to browse the internet without revealing personal information. These pages may provide information, tools, or services related to the use of proxies for the purpose of maintaining online privacy and evading content restrictions.

    Banking

    The "Banking" category encompasses web pages operated by or dedicated to banks and credit unions, with a specific focus on online banking applications. This category excludes online brokerages, concentrating on financial institutions providing services related to traditional and digital banking, including account management, transactions, and financial services.

    Business & Services

    The "Business & Services" category encompasses a wide array of web pages, covering real estate transactions, agriculture-related information, construction and architectural services, genetics research, and biotechnology firms. It serves as a general category for businesses not fitting into more specific classifications, including furniture makers and retail outlets. The insurance sector is also represented, spanning various types from health to car insurance. The category further includes manufacturing and industrial production businesses, as well as those involved in security products and services, excluding computer security. Information on retirement homes and communities, inventory management, and connections within communities are also part of this diverse category, along with advertising agencies and marketing services, excluding online banner ads. In essence, "Business & Services" provides a comprehensive overview of commercial and service-related content.

    Chat

    The "Chat" category encompasses web pages designed for real-time communication, featuring chat rooms and messaging functionalities that facilitate group discussions among strangers or friends in both public and private settings. These pages serve as platforms for interactive conversations, allowing users to engage in discussions with others. Additionally, the category includes instant messaging software and web pages that enable users to stay connected with a list of "buddies" through messaging services. In essence, "Chat" provides diverse means for individuals to communicate in real-time, fostering both group interactions and one-on-one conversations through messaging platforms.

    Content Servers

    The "Content Servers" category includes web servers that lack navigable web pages and are primarily employed for hosting images and other media files. These servers play a crucial role in enhancing web page performance and site scalability by offloading media content delivery. Instead of serving complete web pages, they focus on efficiently delivering media elements, reducing page load times and optimizing the overall user experience. Content servers are integral to content delivery networks (CDNs) and are strategically positioned to distribute multimedia content, ensuring faster and more reliable access to images and other media resources for website visitors.

    Criminal Activities

    The "Criminal Activities" category includes web pages that promote extreme ideologies, discrimination, and hate based on factors like political affiliation, gender, race, or religion. Additionally, it encompasses pages that promote illegal drugs, including information on common illegal drugs and the misuse of prescription drugs. Content depicting physical or sexual abuse of children is also covered in this category. Moreover, the category includes web pages providing information on illegal activities such as burglary, murder, bomb-making, and lock picking. Pages with tools and information facilitating online crime, unauthorized access to computers, and fraud are part of this category. Furthermore, it involves content related to marijuana, covering aspects like legalization, medicinal use, and general information. Lastly, the category includes pages that provide access to illegally obtained files, such as pirated software, movies, and music, as well as sites offering assistance in cheating on homework and tests.

    Culture & Arts

    The "Culture & Arts" category encompasses web pages related to the development or display of the visual arts. This includes platforms featuring various forms of artistic expression, such as paintings, sculptures, and other visual creations. Additionally, the category includes web pages dedicated to published writings, spanning fiction and non-fiction novels, poems, and biographies. These pages serve as platforms for authors and literary enthusiasts to share and explore written works across different genres and styles.

    Dating

    The "Dating" category encompasses web pages that are focused on promoting relationships, including dating and marriage. These websites are designed to facilitate connections between individuals seeking romantic partnerships. They may feature profiles, matchmaking services, and communication tools to help users interact and potentially form long-term relationships. The content typically revolves around dating advice, relationship tips, and platforms for meeting and connecting with potential partners.

    Education

    The "Education" category comprises a variety of web pages tailored to facilitate learning and academic pursuits. It includes pages for schools with an online presence, encompassing universities, private and public schools, and other real-world educational institutions that offer online resources and information. Additionally, the category covers web pages hosting academic publications, journals, research findings, curriculum details, online learning courses, and materials, providing a comprehensive repository for scholarly content and educational tools. These pages cater to students, researchers, and educators seeking valuable resources for academic enrichment. Furthermore, "Education" includes web pages containing reference materials, offering data compilations and reference shelf content such as atlases, dictionaries, encyclopedias, census data, and other reference materials. These resources contribute to a well-rounded educational experience, supporting users in their quest for knowledge and information.

    Entertainment

    The "Entertainment" category encompasses a diverse range of web pages designed to provide amusement and enjoyment. This includes pages featuring comics, jokes, and other humorous content to elicit laughter and entertainment. Furthermore, it includes platforms offering internet radio, streaming media, and downloads related to musicians, bands, MP3s, and various media content. Additionally, the category covers web pages dedicated to animated TV shows, movies, comic books, and graphic novels, catering to fans of animated and illustrated entertainment. News and gossip about celebrities, television shows, movies, and the broader entertainment industry are also featured, keeping users informed about the latest developments. Moreover, "Entertainment" includes pages devoted to the venues of entertainment, such as comedy clubs, nightclubs, discos, festivals, theaters, and playhouses, offering information about places where entertainment events unfold. Lastly, the category encompasses web pages providing comprehensive content about television shows and movies, including reviews, showtimes, plot summaries, discussions, teasers, and marketing materials, creating an immersive experience for enthusiasts.

    Environment

    The "Environment" category encompasses web pages dedicated to fostering awareness and understanding of environmental issues. These pages provide information on various aspects of sustainability, including sustainable living practices and initiatives. Additionally, the category covers content related to ecology, delving into the study of ecosystems, biodiversity, and the interactions between organisms and their environments. Furthermore, these web pages offer insights into nature and the environment, sharing knowledge on topics like wildlife conservation, natural habitats, and environmental conservation efforts. By compiling information on environmental

    See more
  • Forwarding Rules
    To create a forwarding rule that manages traffic from devices, IP addresses, and networks for your organization's network.
    • Create a Forwarding rule by going to Timus Manager -> Rules -> Forwarding page.

    • Once you click on Create New, you will be able to see the page as shown in the image below:

    • You can define a range for both source and destination ports like 1000-2000.
    • Once you extend the Schedule, you can decide if the forwarding will be active Everyday (all the time) or it will be active for a specific period of time. It has been selected as Everyday by default.

    • Map to Port: When enabled, destination ports loop sequentially for source ports.

    The Map to Port feature allows you to specify a range of ports on both protocols, TCP or UDP, for instance, 70-75, and map them to a destination range, such as 80-85. Ports are forwarded sequentially: port 70 maps to port 80, port 71 maps to port 81, and so on. This feature is useful for port forwarding in a one-to-one manner."

    See more