Configuring Security Settings
6.2
Firewall
6
96
© 2008 Verizon. All Rights Reserved.
For example, when accessing a website on the Internet, a request is sent out to
the Internet for this site. When the request reaches the FiOS Router, the firewall
identifies the request type and origin (HTTP and a specific computer in the local
network, in this case). Unless the FiOS Router is configured to block requests of
this type from this computer, the firewall allows this request to pass out onto
the Internet. When the website is returned from the web server, the firewall will
associate it with this session and allow it to pass, regardless of whether HTTP
access from the Internet to the local network is blocked or permitted.
Note that it is the origin of the request, not subsequent responses to this
request, which determines whether a session can be established or not.
6.2a General Screen
The “General” screen is used to configure the FiOS Router’s basic firewall settings.
FiOS Router User Manual
02/11/09
The FiOS Router features three pre-defined firewall security levels: Maximum, Typical, and Minimum. The table below summarizes the behavior of the FiOS Router for each of the three security levels.

| Security Level | Internet requests (incoming traffic) | Local network requests (outgoing traffic) |
|---|---|---|
| Maximum Security | Blocked - No access to local network from Internet, except as configured in the Port Forwarding, DMZ host, and Remote Access screens. | Limited - Only commonly used services, such as web browsing and email, are permitted. |
| Typical Security | Blocked - No access to local network from Internet, except as configured in the Port Forwarding, DMZ host, and Remote Access screens. | Unrestricted - All services are permitted, except as configured in the Access Control screen. |
| Minimum Security | Unrestricted - Permits full access from Internet to local network; all connection attempts permitted. | Unrestricted - All services are permitted, except as configured in the Access Control screen. |
The commonly used services permitted at the Maximum Security level include Telnet, FTP, HTTP, HTTPS, DNS, IMAP, POP3 and SMTP.
Note: Some applications (such as some Internet messengers and peer-to-peer client applications) tend to use these ports if they cannot connect with their own default ports. When they do so, these applications will not be blocked outbound, even at the Maximum Security level.
To configure the FiOS Router’s firewall security settings:
1. From the General screen, select a security level by clicking the appropriate radio button. Using the Minimum Security setting may expose the local network to significant security risks, and thus should only be used for short periods of time.
2. Check the “Block IP Fragments” box to protect the local network from a common type of hacker attack that uses fragmented data packets to sabotage the network. Note that VPN over IPSec and some UDP-based services make legitimate use of IP fragments. IP fragments must be allowed to pass into the local network to use these services.
3. Click Apply to save changes.
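To see why step 2 affects IPSec and large UDP traffic, the following added example (not from the manual and not the router's own code) fragments a constructed 3000-byte UDP datagram at a 1500-byte MTU and applies a fragment filter keyed on the IPv4 "more fragments" flag and fragment offset. The function names, addresses and MTU are assumptions for illustration.

```python
import struct

def ipv4_header(total_len, ident, more_fragments, offset_bytes, proto=17):
    """Build a minimal 20-byte IPv4 header (checksum left at 0, constructed addresses)."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_bytes // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, flags_frag,
                       64, proto, 0, bytes([203, 0, 113, 5]), bytes([192, 168, 1, 10]))

def is_fragment(packet):
    """A packet is a fragment if MF is set or its fragment offset is non-zero."""
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    return bool(flags_frag & 0x2000) or (flags_frag & 0x1FFF) != 0

def fragment(payload, mtu=1500, ident=0x1234):
    """Split one datagram payload into IPv4 packets that fit the MTU."""
    step = (mtu - 20) // 8 * 8   # fragment data is carried in multiples of 8 bytes
    packets = []
    for off in range(0, len(payload), step):
        chunk = payload[off:off + step]
        more = off + step < len(payload)
        packets.append(ipv4_header(20 + len(chunk), ident, more, off) + chunk)
    return packets

def delivered(packets, block_fragments):
    """Packets that reach the local network under the "Block IP Fragments" setting."""
    return [p for p in packets if not (block_fragments and is_fragment(p))]

if __name__ == "__main__":
    big = fragment(b"x" * 3000)    # constructed oversized UDP payload
    small = fragment(b"y" * 512)   # fits in a single packet
    print(len(big), len(delivered(big, True)), len(delivered(small, True)))
```

With the box checked, every piece of the oversized datagram is dropped, so the receiver can never reassemble it, while the single-packet datagram is unaffected.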
6.3 Access Control
Access control is used to block specific computers within the local network (or
even the whole network) from accessing certain services on the Internet. For
example, one computer can be prohibited from surfing the Internet, another
computer from transferring files using FTP, and the whole network from
receiving incoming email.
Access control defines restrictions on the types of requests that can pass from
the local network out to the Internet, and thus may block traffic flowing in both
directions. In the email example given above, computers in the local network
can be prevented from receiving email by blocking their outgoing requests to
POP3 servers on the Internet.
Access control also incorporates a list of preset services in the form of
applications and common port settings.
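The session behavior described in section 6.2, the three security levels and the POP3 access control example can be modelled together. This is an added sketch, not the router's firmware or code from the manual: the class and field names, the port numbers (standard assignments) and the 192.168.1.x / 203.0.113.x addresses are assumptions, and Port Forwarding is the only inbound exception modelled.

```python
from dataclasses import dataclass, field

# Telnet, FTP, HTTP, HTTPS, DNS, IMAP, POP3, SMTP: the services the manual lists for
# Maximum Security. Port numbers are the standard assignments, not taken from the manual.
COMMON_PORTS = {23, 21, 80, 443, 53, 143, 110, 25}

@dataclass
class Firewall:
    level: str = "typical"                       # "maximum", "typical" or "minimum"
    blocked: set = field(default_factory=set)    # access control: (lan_host or "any", dst_port)
    allowed: set = field(default_factory=set)    # extra outbound ports ("Allowed" list, Maximum only)
    forwards: set = field(default_factory=set)   # LAN ports opened through Port Forwarding
    sessions: set = field(default_factory=set)   # sessions started from the local network

    def outbound(self, lan_host, lan_port, remote, remote_port):
        """Local network -> Internet request; True if it may leave."""
        if {(lan_host, remote_port), ("any", remote_port)} & self.blocked:
            return False
        if self.level == "maximum" and remote_port not in COMMON_PORTS | self.allowed:
            return False
        self.sessions.add((lan_host, lan_port, remote, remote_port))
        return True

    def inbound(self, remote, remote_port, lan_host, lan_port):
        """Internet -> local network packet; True if it is passed on."""
        if (lan_host, lan_port, remote, remote_port) in self.sessions:
            return True                          # reply to a session opened from inside
        if self.level == "minimum":
            return True                          # all connection attempts permitted
        return lan_port in self.forwards

def demo():
    """Typical Security with POP3 blocked for one constructed host."""
    fw = Firewall(level="typical", blocked={("192.168.1.20", 110)})
    pc, other, web, mail = "192.168.1.10", "192.168.1.20", "203.0.113.5", "203.0.113.9"
    return {
        "unsolicited_http": fw.inbound(web, 80, pc, 51000),
        "http_request": fw.outbound(pc, 51000, web, 80),
        "http_reply": fw.inbound(web, 80, pc, 51000),
        "pop3_request": fw.outbound(other, 52000, mail, 110),
        "pop3_reply": fw.inbound(mail, 110, other, 52000),
    }

if __name__ == "__main__":
    print(demo())
```

The same packet from the web server is dropped before the request and passed after it, and blocking the outgoing POP3 request is enough to stop mail coming back because no session exists for the reply.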
6.3a Allow or Restrict Services
To view and allow/restrict these services:
1. Select Access Control from the left side of any Security screen. The “Access Control” screen appears.
Note: The “Allowed” section is only visible when the firewall is set to “Maximum.”
2. Click Add. The “Add Access Control Rule” screen appears.
Note: To block a service, click Add in the “Blocked” section of the Access Control screen. To allow outgoing traffic, click Add in the “Allowed” section of the screen.
3. If this access control rule applies to all networked devices, select Any from the “Networked Computer/Device” list box. If this rule applies to certain devices only, select Specify Address and click Add. Then, create and add a network object (for more details about adding network objects, see the “Advanced Settings” chapter of this manual).
4. Select the Internet protocol to be allowed or blocked from the “Protocol” drop-down list.
5. If the rule will be active all the time, select Always from the “When should this rule occur?” drop-down list. If the rule will only be active at certain times, select Specify Schedule and click Add. Then, add a schedule rule (for more details about schedule rules, see the “Advanced Settings” chapter of this manual).
6. Click Apply to save the changes. The Access Control screen will display a summary of the new access control rule.
Note: To block a service not included in the list, select Specify Protocol from the Protocol drop-down menu. The “Edit Service” screen appears. Define the service, then click OK. The service will then be automatically added to the top section of the “Add Access Control Rule” screen, and will be selectable.
An access control rule can be disabled and the service made available without having to remove the service from the Access Control table. This may be useful to make the service available temporarily, with the expectation that the restriction will be reinstated later.
