The A box stores the authorizations for machines which are allowed to use your network (i.e., external machines you have decided to allow into your network, and internal machines you permit to leave your network or its subnets). You are able to authorize a machine by hostname or IP address, by service (i.e, ftp, telnet, ntp, etc.), and by time (i.e., Monday thru Friday 8AM to 4:30PM). Combining these criteria allows tremendous flexibility as you secure your network. You may further restrict ftp to getting (downloading) or putting (uploading) files. The A box is connected to the G box through a private network link, physically separate from the protected network. The Security Administrator can only change authorizations by sitting at the A box console. The rule base cannot be viewed or modified remotely, and the A box cannot be used for any purpose other than authorization.