Conversation Filtering

Enterprise Server provides you with a conversation filter or "firewall" feature. You can use it to restrict which client systems can connect to an enterprise server region.

Clients are granted or denied a connection based on rules, which apply to a client IP address or hostname. Rules can use wildcards, and the most specific rule that matches the client address or name determines which rule is used. The default action is to grant a connection to unmatched clients. The default behavior can be changed by using a "deny" rule which matches all clients that are not covered by a more specific rule. For example, a generic deny rule for IPv4 connections would be deny:0.0.0.0/0.

Note: This rule would not block IPv6 connections. See Filter Rules for more information.

You can configure rules for the server, each communications process, and each listener. If the best matching listener rule has the same rank (specificity) as the best matching communications process or server rule, then the listener rule takes precedence.