WRVS4400N User Guide

5

What’s in this Guide?

Getting Started

•

Appendix G, "Warranty Information"

This appendix supplies the warranty information for the Router.

•

Appendix H, "Regulatory Information"

This appendix supplies the regulatory information regarding the Router.

•

Appendix I, "Contact Information"

This appendix provides contact information for a variety of Linksys resources, including

Technical Support.

•

Appendix J, "Trend Micro ProtectLink Gateway Service"

This appendix provides detailed information on how to configure the ProtectLink

Service.

Downloaded from

www.Manualslib.com

manuals search engine

WRVS4400N User Guide

6

An Introduction to LANs

Networking and Security Basics

Networking and Security Basics

An Introduction to LANs

A Router is a network device that connects multiple networks together and forward traffic

based on IP destination of each packet.

The Wireless-N Gigabit Security Router can connect your local area network (LAN) or a group of

PCs interconnected in your home or office to the Internet. You can use one public IP address

from the ISP through WAN port and use the router’s Network Address Translation (NAT)

technology to share this single IP address among all the users.

The Router’s Network Address Port Translation (NAPT or NAT) technology protects your

network of PCs so users on the Internet cannot “see” your PCs. This is how your LAN remains

private. The Router protects your network by inspecting the first packet coming in through the

Internet port before delivery to the final destination on one of the Ethernet ports. The Router

inspects Internet port services like the web server, ftp server, or other Internet applications,

and, if allowed, it will forward the packet to the appropriate PC on the LAN side.

Multiple Wireless-N Gigabit Security Routers can also be used to connect multiple LANs

together. This usually applies to a medium-sized or larger company where you want to divide

your network into multiple IP subnets to increase the intranet throughput and reduce the size

of the IP broadcast domain and its interference. In this case, you need one WRVS4400Nv2 for

each subnetwork and you can connect all the WAN ports to a second level Router or switch to

the Internet. Note that the second level Router only forwards data packets through a wired

network so you don’t have to use the Wireless-N Gigabit Security Router. You can use any wired

router in the Linksys family, e.g. RVS4000, which has 4 LAN ports and 1 WAN port.

The following diagram shows an example that consists of two levels of routers and multiple

LANs inter-connected together. The wireless network is only available at the first level of router

to provide end user connections. The second level router can connect to dedicated Server PCs

or routers that aggregates traffic from different LANs.

Downloaded from

www.Manualslib.com

manuals search engine

WRVS4400N User Guide

7

The Use of IP Addresses

Networking and Security Basics

Example network

The Use of IP Addresses

IP stands for Internet Protocol. Every device in an IP-based network, including PCs, print servers,

and routers, requires an IP address to identify its location, or address, on the network. This

applies to both the Internet and LAN connections.

There are two ways of assigning IP addresses to your network devices.

A static IP address is a fixed IP address that you assign manually to a PC or other device on the

network. Since a static IP address remains valid until you disable it, static IP addressing ensures

that the device assigned it will always have that same IP address until you change it. Static IP

addresses are commonly used with dedicated network devices such as server PCs or print

servers. Since a user’s PC is moving around in a network and is being powered on or off, it does

not require a dedicated IP address that could be a precious resource in your network.

NOTE:

Since the Router is a device that connects two

networks, it needs two IP addresses—one for the LAN,

and one for the Internet. In this User Guide, you’ll see

references to the “Internet IP address” and the “LAN IP

address.”

NOTE:

Since the Router uses NAT technology, the only IP

address that can be seen from the Internet for your

network is the Router’s Internet IP address. However, even

this Internet IP address can be hidden on the Internet by

suppressing PING response.

Downloaded from

www.Manualslib.com

manuals search engine

WRVS4400N User Guide

8

The Use of IP Addresses

Networking and Security Basics

If you use the Router to share your cable or DSL Internet connection, contact your ISP to find

out if they have assigned a static IP address to your account. If so, you will need that static IP

address when configuring the Router. You can get the information from your ISP.

A dynamic IP address is automatically assigned to a device on the network. This IP address is

called dynamic because it is only temporarily assigned to the PC or other device. After a certain

time period, it expires and may change. If a PC logs onto the network (or the Internet) and its

dynamic IP address has expired, the DHCP server will assign it a new dynamic IP address. Most

ISPs use dynamic IP addresses for their customers. By default, the Router’s Internet Connection

Type is

Obtain an IP automatically

(DHCP).

For DSL users, many ISPs may require you to log on with a user name and password to gain

access to the Internet. This is a dedicated, high-speed connection type called Point-to-Point

Protocol over Ethernet (PPPoE). PPPoE is similar to a dial-up connection, which establishes a

PPP session with an ISP server through the DSL connection. The server will also provide the

Router with a dynamic IP address to establish a connection to the Internet.

A DHCP server can either be located on a designated PC on the network or another network

device, such as the Router. The PC or network device obtaining an IP address is called the DHCP

client. DHCP frees you from having to assign IP addresses manually every time a new user is

added to your network. For this Wireless-N Router, a DHCP client is running on a WAN port for

most configurations. A DHCP server is running on the LAN side to provide services.

By default, a DHCP server is enabled on the Router. If you already have a DHCP server running

on your network, you MUST disable one of the two DHCP servers. If you run more than one

DHCP server on your network, you will experience network errors, such as conflicting IP

addresses. To disable DHCP on the Router, refer to the Basic Setup section in “Chapter 6: Setting

Up and Configuring the Router.”

Downloaded from

www.Manualslib.com

manuals search engine

WRVS4400N User Guide

9

The Intrusion Prevention System (IPS)

Networking and Security Basics

The Intrusion Prevention System (IPS)

IPS is an advanced technology to protect your network from malicious attacks. IPS works

together with your SPI Firewall, IP Based Access List (IP ACL), Network Address Port Translation

(NAPT), and Virtual Private Network (VPN) to achieve the highest amount of securities.

IPS Scenarios

IPS works by providing real-time detection and prevention as an in-line module in a router. The

Wireless-N Security Router has hardware-based acceleration for real-time pattern matching for

malicious attacks. It actively filters and drops malicious TCP/UDP/ICMP/IGMP packets and can

reset TCP connections. This protects your client PCs and servers running various operating

systems including Windows, Linux, and Solaris from network worm attacks. However, this

system does not prevent viruses attached emails.

The P2P (peer to peer) and IM (instant messaging) control allows the system administrator to

prevent network users from using those protocols to communicate with people over the

Internet. This helps the administrators to set up company policies on how to use their Internet

bandwidth wisely.

The signature file is the heart of the IPS system. It is similar to the Virus definition files on your

PC’s Anti-Virus programs. IPS uses this file to match against packets coming in to the Router and

performs actions accordingly. As of today, the Wireless-N Router is shipped with signature file

version 1.3.8 and with a total of 1101 rules. The rules cover the following categories: DDoS,

Buffer Overflow, Access Control, Scan, Trojan Horse, Misc., P2P, IM, Virus, Worm, and Web

Attacks.

Customers are encouraged to update their IPS signature file regularly to prevent any new type

of attacks on the Internet.

Downloaded from

www.Manualslib.com

manuals search engine