• Topic ID: concept_r2v_rwr_w3b
  • Version: 4.0
  • Date: May 22, 2022 10:32:51 PM

Configure Product Network Filters (18BW42.xx or Later)

1 Overview

Product Network Filters (PNF) is a software tool that allows a site Network Administrator to control traffic from the site's internal network to the Diagnostic Imaging System.

  1. Application software must be up.
  2. Click the Service icon to access the Common Service Desktop (CSD).
  3. Select the following: Configuration > Configure PNF or Configure Enhanced PNF
  4. The Main PNF Screen is displayed.

Figure 1. Example for Configure PNF - CSD, Configuration Tab

note: The GE Service tab on the fillter settings page may not be available on all systems.
Notice Image
  • notice
  • ALL settings made in the PNF Tool are saved on the System State (Reconfig Info). If a NEW load from cold should need to be performed, the PNF settings will be restored during the System State Restore.

2 Firewall Setting

Notice Image
  • notice
  • The Firewall should be ON at all times; this is the default setting. If issues are found because of the Firewall, contact the OLC connectivity team to resolve issues. It is not acceptable to leave the firewall OFF.

Figure 2. Main PNF Screen

For 20BW15.25 or later, PNF is always reset to ON when system reboots. In order to turn the firewall ON or OFF, ClassM Hard Key needed.

  1. Click the Firewall On/Off button, turn Firewall On or Off.
  2. Click the Apply button on the pop-up window.
  3. The Firewall On/OFF buttons are common across all tabs in the PNF tool pages. These buttons can be clicked at any time and in any tab. The function of that button will be applied by the tool at the current state of all tabs.

3 Filter Setting Page

3.1 Named Services Tab

The Named Services Tab, is the screen where the site's network administrator selects a standard networking service to dictate network traffic to or from this system to the site's network.

Figure 3. Filter Settings Page - Name Service Tab

Figure 4. Filter Settings Page - Name Setting

  1. Adding a Named Service.
    1. Click Add a rule.
    2. To add a network service, click the drop-down menu labeled Service Name for a list of standard Networking Services.

      Standard Networking Services offered are:

      • ftp
      • http
      • https
      • ldap
      • ntp
      • ping (icmp)
      • portmap
      • rexec
      • rlogin
      • rsh
      • ssh
      • ssl / tls
      • telnet
      • tftp
    3. If desired, the Named Service may be restricted for use by a specific IP Address(es). Add IP Address(es) in the Enter IP field.
    4. Click Add button.
  2. Deleting a Named Service, select the object and click the Delete button.

3.2 Allowed Nodes Tab

The Allowed Nodes tab is where the IP address(es) are entered to allow these address(es) trough the firewall.

Figure 5. Filter Settings Page - Allowed Nodes Tab

Figure 6. Filter Settings Page - Allowed Nodes Setting

  1. Adding an Allowed Node.
    1. Click Add a rule button to create a new Allowed Node.
    2. Enter the IP address in the Enter IP field.
    3. Click Add. This IP is now added to the list.
  2. Removing an Allowed Node, select the object and click the Delete button.

3.3 DICOM Setup

The DICOM screen may be used to verify that the correct DICOM port was populated during installation. This field should be auto-populated during the initial setup of the DICOM ports. Additional DICOM ports can also be added at this screen.

Figure 7. Filter Settings Page - DICOM Tab

Figure 8. Filter Settings Page - DICOM Setting

  1. Adding a DICOM Port.
    1. Click Add a rule button to create a new DICOM Port.
    2. Enter the Port number in the Enter Port Number field.
    3. Click Add. This Port is now added to the list.
  2. Removing the DICOM Port, select the object port and click the Delete button.

3.4 Expert Tab

The Expert Tab gives the network administrator the ability to create rules for the network services allowed in the Named Services screen.

Figure 9. Filter Settings Page - Expert Tab

Figure 10. Filter Settings Page - Expert Setting

  1. Creating a Rule.
    1. To create a rule for the firewall, enter the application name in the Name field.
    2. Enter the IP Address/es in the Allowed IP field.
    3. Enter the Port in the Port field.
    4. Click on the Protocol drop-down menu for the rule to be applied (ex: all, tcp, udp).
    5. Once all fields have been populated, click Add button.
  2. Removing a rule, select the object rule and click the Delete button.

3.5 GE Service Tab

note: The GE Service tab is only available to GE Healthcare service personnel.
The GE Service tab sets up the firewall to allow InSite Remote Service Connectivity / login. The Pre-defined settings for traditional access of the IIP Version that services this site selection must be configured properly.

Figure 11. Filter Settings Page - GE Service Tab

Figure 12. Filter Settings Page - GE Service Setting

3.6 Iptables List

Page displays the active firewall rule presently running on the system by click the button iptables output.

Figure 13. Iptables List

3.7 Backup/Restore Page

The Backup/Restore Page allow for local (on system) backup of PNF configuration data. This feature should be used before modifying any setting, such that a restore point is created in the event mistakes are made or configuration is corrupted. The backup can be restored to return normal operation. Follow on screen instructions.

Figure 14. Backup/Restore Page

3.8 Troubleshooting

Troubleshooting the firewall can be done by turning the Firewall On and Off.

Notice Image
  • notice
  • The Firewall should be ON at all times, this is the default setting. If issues are found because of the Firewall, contact the OLC connectivity team to resolve issues. It is not acceptable to leave the firewall OFF.

4 Finalization

When all the necessary changes/settings have been made, perform the following step:

  1. Perform a Save System State to capture PNF Configuration settings and rules in System State backup. Perform the System State Save Restore instructions from the procedure list.