Admin Console Firewall

This feature is only available with Hermes SEG Pro License.

The Admin Console Firewall allows you to specify IP Address(es) that will be allowed access to the Hermes Admin Console (/admin/ and the Ciphermail Admin Console (/ciphermail/). The Firewall does NOT affect the User Console (/users/). By default, all IP Addresses are allowed access to the Admin and the Ciphermail Admin consoles.

For best security, it's recommended that you enable the Admin Console Firewall to restrict access only to specified IP addresses.

Note: In order to prevent a lockout of the Administration Console, the system will not allow you to enable the Administration Console Firewall unless the IP address that you are accessing the the Administration Console from is in the list of Allowed IP Addresses. Additionally, it will not allow you to Delete the IP address you are accessing the Administration Console from from the list of Allowed IP Addresses.

Before the system will allow you to enable the firewall, you must first add the IP Address that you are accessing the Admin Console from, which can be found on the top right corner of the by hovering over theicon (Figure 1):

Figure 1

Click on the Add IP Address button and in the resultant window enter your IP address and set the Allow to Hermes Admin and optionally Allow to Ciphermail Admin drop-downs to YES, enter a note in the Note field for your own use and click the Submit button (Figure 2):

Figure 2

Repeat the procedure to add any additional IPs as necessary.
As you add each IP address, they will show up under the Allowed IP Addresses section (Figure 3):

Figure 3

Once you are finished adding IP address(es), set the Firewall Status drop-down to Enabled and click the Submit button (Figure 4):

Figure 4

Click the Apply Settings button to apply the changes to the firewall (Figure 5):

Figure 5

Test your firewall by attempting to access the Admin Console at https://<ipaddress>/admin/ where <ipaddress> is the IP address or the hostname of your Hermes SEG from an IP Address that you did NOT allow in Admin Console Firewall. You should a 403 Forbidden message (Figure 5)

Figure 5

Introduction

Getting Started

Upgrade and Migrate Hermes SEG 18.04 to 20.04

Requirements and Recommendations

OVA/Hyper-V Appliance URL and Default Credentials

Hermes SEG E-mail Flow

Encryption

AD Integration

Admin Authentication

Admin Console Firewall

Network Settings

Console Settings

Mail Queue

System Logs

System Backup

System Certificates

System Restore

System Settings

System Status

System Update

System Users

Email Archive

System Reboot & Shutdown

SMTP TLS Settings

Relay Host

Relay Domains

Relay IPs & Networks

Internal Recipients

Virtual Recipients

Perimeter Checks

RBL Configuration

Network Block/Allow

Sender to Recipient Block/Allow List

Global Sender Block/Allow List

SPF Settings

DKIM Settings

Antivirus Settings

Antivirus Signature Feeds

Antivirus Signature Bypass

Antispam Settings

Custom Antispam Filter Tests

Initialize Pyzor

Initialize Vipul's Razor

Clear Bayes Database

Custom File Extensions

Custom File Expressions

Message Rules

File Rules

SVF Policies

Message History

Internal Certificate Authority

PGP Key Servers

Encryption Settings

Internal Recipients Encryption

External Recipients Encryption

Admin Console Firewall