Gateway Configuration Screen Definitions

SURFboard® SBG6580 Wireless Cable Modem Gateway

•

User Guide

55

365-095-25397-x.1

Firewall Screens

You can configure firewall filters and alert notifications for your home network. The SBG6580 firewall

protects the SBG6580 LAN from unwanted attacks and other intrusions on the Internet. Firewall

protection also provides the following benefits:

•

Advanced, integrated stateful-inspection firewall supporting intrusion detection, session tracking,

and denial-of-service attack prevention.

•

Maintains state data for every TCP/IP session on the OSI network and transport layers.

•

Monitors all incoming and outgoing packets, applies the firewall policy to each one, and screens for

improper packets and intrusion attempts.

•

Generates comprehensive notifications for the following:

ο

User authentications

ο

Rejected internal and external connection requests

ο

Session creation and termination

ο

Outside attacks (intrusion detection)

Protection Level

The Firewall Protection Level screen has various settings related to blocking or exclusively allowing

different types of data through the SBG6580 from the WAN to the LAN. There are three security firewall

protection levels which correspond to how many services are allowed:

•

High

- Safest configuration, highest security

•

Medium

- Common configuration, modest risk

•

Low

- Minimum security, higher risk

•

Off

- No security, highest risk

Firewall protection enables the Stateful Packet Inspection (SPI) firewall features. Block Fragmented IP

packets prevent all fragmented IP packets from passing through the firewall. Port Scan Detection

detects and blocks port scan activity originating on both the LAN and WAN. IP Flood Detection detects

and blocks packet floods originating on both the LAN and WAN.

You can block Java Applets, Cookies, ActiveX controls, pop up windows, and Proxies.

Figure 52 – Firewall Protection Level Screen

Gateway Configuration Screen Definitions

SURFboard® SBG6580 Wireless Cable Modem Gateway

•

User Guide

56

365-095-25397-x.1

Table 18: Firewall Protection Level-Field Descriptions

Field

Description

Firewall Protection

Level

•

Select

Low

,

Medium

, or

High

to set the level of firewall

protection that you want for your gateway.

•

Select

Off

to disable firewall protection.

Note

: If you choose to disable firewall protection, your

computer(s) and other Ethernet-enabled devices on your

home network will be at risk for possible attacks from viruses

and hackers.

Firewall Settings

•

Checkmark to enable each filter that you want to set for

the firewall.

•

Click

Apply

, when done.

Allowed Services

Listing of the websites you selected to allow access to

from your home network.

Parental Control

You can use the Parental Control screen to set up user access restrictions on a specific device connected

to your SBG6580 network. You can set up the following Parental Controls:

•

Allow or block access to specific Internet sites.

•

Allow or block access to specific MAC addresses.

•

Allow or block Internet access based on specific day and time settings.

•

Enable or disable Internet session duration timers to limit the amount of time for Internet access.

Note

: When creating Parental Control access filters, remember to assign the Start and End ports. Otherwise,

any filters without assigned ports will apply to all ports. This also applies to MAC addresses.

Figure 53 – Firewall Parental Control-Set Time Zone Screen

Gateway Configuration Screen Definitions

SURFboard® SBG6580 Wireless Cable Modem Gateway

•

User Guide

57

365-095-25397-x.1

Table 19: Firewall Parental Control-Set Time Zone-Field Descriptions

Field

Description

Current Time

Enter the current time.

Current Time Zone

Select your time zone.

Automatically Adjust for

Daylight Saving Time

Select

Yes

or

No

if you want the time to change for

Daylight Saving Time.

Figure 54 – Firewall Parental Control Screen

Table 20: Firewall Parental Control-Field Descriptions

Field

Description

Description

Enter a name to create a new user profile.

MAC Address

Enter the 12-digit (hexadecimal) hardware address of the

device that you are setting up for parental controls.

The MAC addressed is assigned by the hardware

manufacturer and should be located on the device label.

Gateway Configuration Screen Definitions

SURFboard® SBG6580 Wireless Cable Modem Gateway

•

User Guide

58

365-095-25397-x.1

Field

Description

URL

Enter the web address of the Internet site that you want to

block or access.

Start Port

Enter the starting port number of the range of ports for which

you want to block incoming or outgoing access.

Default port is

0

.

End Port

Enter the ending port number of the range of ports for which

you want to block incoming or outgoing access.

Default port is

0

.

Protocol

Select

TCP

,

UDP

, or

Both

for the Internet protocol.

Days

Select the days of the week that the selected user can access

the Internet.

Time

Set the start and end time of day that the selected user can

access the Internet.

Allow/Block

Set to allow or block Internet access for the time defined

above.

Enabled

Turn ON or OFF this Parental Control restriction.

Time Zone

Update the related time information for your location.

Local Log

You can use either of the following two formats to send your firewall event log notifications:

•

Individual e-mail alerts sent out automatically each time the firewall is under attack

•

Local log stored within the gateway and displayed in table form on the Local Log page

Figure 55 – Firewall Local Log Screen

Gateway Configuration Screen Definitions

SURFboard® SBG6580 Wireless Cable Modem Gateway

•

User Guide

59

365-095-25397-x.1

Table 21: Firewall Local Log-Field Descriptions

Field

Description

Contact Email Address

Your email address

SMTP Server Name

Name of the email Simple Mail Transfer Protocol

(SMTP) server

The firewall page requires the name of your email

server for sending a firewall log to your email address.

You can obtain the SMTP server name from your

service provider.

SMTP Username

Your user name for your email account. Check with

your email service provider.

SMTP Password

Your user password for your email account. Check with

your email service provider.

Email Alerts

Enable or disable emailing firewall alerts.

Remote Log

You can send firewall attack reports out to a standard SysLog server, so that many instances can be

logged over a long period of time. You can select individual attack or configuration items to send to the

SysLog server so that only the items of interest will be monitored.

There are four types of Firewall reports that you can monitor and log:

•

Permitted Connections

– Select to notify the server to send you email logs identifying who is

connecting to your network.

•

Blocked Connections

– Select to notify the server to send you email logs identifying who was

blocked from connecting to your network.

•

Known Internet Attacks

– Select to notify the server to send you email logs of known Internet

attacks against your network.

•

Product Configuration Events

– Select to notify the server to send you email logs of the basic

product configuration events logs.

The SysLog server must be on the same network as the Private LAN behind the Configuration Manager

(typically 192.168.0.x).

To activate the SysLog monitoring feature, check all desired event types to monitor and enter the last

byte of the IP address of the SysLog server. Normally, the IP address of this SysLog server is hard coded

so that the address always agrees with the entry on this page.