gwkeeper manages a set of hosts so that their access to outer networks (and the Internet) is restricted.

Operations are carried out through SNMP : a SNMP management console performs remote modifications on the remote target hosts : the management process connects to the SNMP agent on the target remote host and requests operations to be performed on its behalf.

Modifications consist in removing/restoring the default route on the target hosts. When the remote host does not have a default route, it is confined to the LAN and does not have access to the Internet, whatever the protocol, be it http, ftp, mail, chat ...

This requires :

• the SNMP agent to be installed and active on the target hosts
• the operator to have administrative privileges on the target hosts

Agent installation:

Control panel/Add-remove software/ Add-remove Windows components/ Analysis and management tools/Details/SNMP

Agent configuration:

The configuration of the agent, once it can be connected to, is performed by gwkeeper (through remote registry access).
See also : Control panel/Administrative tools/Services/SNMP service/Properties/Security
The community parameter acts as a password for the agent:
Minimal required permission must be READWRITE.

30-10-2004