FVS338 ProSafe VPN Firewall 50 Reference Manual
4-18
Firewall Protection and Content Filtering
v1.0, September 2006
To add a service:
1. Select Security from the main menu and Services from the submenu. The Services screen will display.
2. In the Add Custom Service table, enter a descriptive name for the service (this is for your convenience).
3. Select the Layer 3 Protocol that the service uses as its transport protocol. It can be TCP, UDP or ICMP.
4. Enter the first TCP or UDP port of the range that the service uses. If the service uses only one port, then the Start Port and the Finish Port will be the same.
5. Enter the last port of the range that the service uses. If the service only uses a single port number, enter the same number in both fields.
6. Click Add. The new custom service will be added to the Custom Services Table.
Figure 4-12
To edit the parameters of a service:
1. In the Custom Services Table, click the Edit icon adjacent to the service you want to edit. The Edit Service screen will display.
2. Modify the parameters you wish to change.
3. Click Reset to cancel the changes and restore the previous settings.
4. Click Apply to confirm your changes. The modified service will display in the Custom Services Table.
Specifying Quality of Service (QoS) Priorities
The Quality of Service (QoS) Priorities setting determines the priority of a service, which, in turn, determines the quality of that service for the traffic passing through the firewall. The user can change this priority:
• On the Services screen in the Custom Services Table for customized services (see Figure 4-12).
• On the LAN WAN Outbound Services screen (see Figure 4-11).
The QoS priority definition for a service determines the queue that is used for the traffic passing
through the VPN firewall. A priority is assigned to IP packets using this service. Priorities are
defined by the “Type of Service (ToS) in the Internet Protocol Suite” standards, RFC 1349. A ToS
priority for traffic passing through the VPN firewall is one of the following:
• Normal-Service: No special priority given to the traffic. The IP packets for services with this priority are marked with a ToS value of 0.
• Minimize-Cost: Used when data has to be transferred over a link that has a lower “cost”. The IP packets for services with this priority are marked with a ToS value of 1.
• Maximize-Reliability: Used when data needs to travel to the destination over a reliable link and with little or no retransmission. The IP packets for services with this priority are marked with a ToS value of 2.
• Maximize-Throughput: Used when the volume of data transferred during an interval is important even if the latency over the link is high. The IP packets for services with this priority are marked with a ToS value of 4.
• Minimize-Delay: Used when the time required (latency) for the packet to reach the destination must be low. The IP packets for services with this priority are marked with a ToS value of 8.
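When checking the marking in a packet capture, note that RFC 1349 places the four-bit ToS value between the three precedence bits and the final must-be-zero bit of the IPv4 ToS octet, so the raw byte is the listed value shifted left by one (Minimize-Delay, value 8, appears as 0x10). The following is an added example, not taken from the manual or from NETGEAR firmware; it assumes the firewall writes the listed values into the RFC 1349 field, and `build_header` is a hypothetical helper that constructs sample headers.

```python
import struct

# ToS values exactly as listed in the manual (RFC 1349 four-bit TOS field).
TOS_NAMES = {
    0: "Normal-Service",
    1: "Minimize-Cost",
    2: "Maximize-Reliability",
    4: "Maximize-Throughput",
    8: "Minimize-Delay",
}

def decode_tos(ipv4_header: bytes) -> dict:
    """Split the second byte of an IPv4 header into its RFC 1349 fields."""
    if len(ipv4_header) < 20:
        raise ValueError("an IPv4 header is at least 20 bytes")
    version_ihl, tos_octet = struct.unpack_from("!BB", ipv4_header, 0)
    if version_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    tos = (tos_octet >> 1) & 0x0F            # four TOS bits
    return {
        "octet": tos_octet,                  # raw byte as seen in a capture
        "precedence": tos_octet >> 5,        # top three bits
        "tos": tos,
        "priority": TOS_NAMES.get(tos, "unlisted combination"),
        "mbz": tos_octet & 0x01,             # "must be zero" bit
    }

def build_header(tos_value: int, precedence: int = 0) -> bytes:
    """Hypothetical helper: constructed 20-byte IPv4 header, checksum left at 0."""
    octet = (precedence << 5) | (tos_value << 1)
    return struct.pack("!BBHHHBBH4s4s", 0x45, octet, 20, 0, 0, 64, 6, 0,
                       bytes([192, 168, 1, 10]), bytes([203, 0, 113, 5]))

if __name__ == "__main__":
    for value in sorted(TOS_NAMES):
        info = decode_tos(build_header(value))
        print(f"ToS value {value} -> octet 0x{info['octet']:02x} -> {info['priority']}")
```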
Setting a Schedule to Block or Allow Traffic
If you defined an outbound or inbound rule to use a schedule, you can set up a schedule for when
blocking occurs or when access is restricted. The firewall allows you to specify when blocking
will be enforced by configuring one of the Schedules—Schedule 1, Schedule 2 or Schedule 3.
To invoke rules and block keywords or Internet domains based on a schedule:
1. Select Security from the main menu and Schedule from the sub-menu. The Schedule 1 screen will display.
2. Check the radio button for All Days or Specific Days. If you chose Specific Days, check the radio button for each day you want the schedule to be in effect.
3. Check the radio button to schedule the time of day: All Day, or Specific Times. If you chose Specific Times, enter the Start Time and End Time fields (Hour, Minute, AM/PM), which will limit access during certain times for the selected days.
4. Click Reset to cancel your settings and revert to the previous settings.
5. Click Apply to save your settings to Schedule 1.
Repeat these 5 steps to set a schedule for Schedule 2 and Schedule 3.
Figure 4-13
Setting Block Sites (Content Filtering)
If you want to restrict internal LAN users from accessing certain sites on the Internet, you can use the VPN firewall’s Content Filtering and Web Components filtering. By default, these features are disabled; all requested traffic from any Web site is allowed. If you enable one or more of these features and users try to access a blocked site, they will see a “Blocked by NETGEAR” message.
Several types of blocking are available:
• Web Components blocking. You can block the following Web component types: Proxy, Java, ActiveX, and Cookies. Even sites on the Trusted Domains list will be subject to Web Components blocking when the blocking of a particular Web component is enabled.
• Keyword (and domain name) blocking. You can specify up to 32 words that, should they appear in the Web site name (URL) or in a newsgroup name, will cause that site or newsgroup to be blocked by the VPN firewall.
  You can apply the keywords to one or more groups. Requests from the PCs in the groups for which keyword blocking has been enabled will be blocked. Blocking does not occur for the PCs that are in the groups for which keyword blocking has not been enabled.
  You can bypass Keyword blocking for trusted domains by adding the exact matching domain to the list of Trusted Domains. Access to the domains or keywords on this list by PCs, even those in the groups for which keyword blocking has been enabled, will still be allowed without any blocking.
Keyword Blocking application examples:
• If the keyword “XXX” is specified, the URL <http://www.badstuff.com/xxx.html> is blocked, as is the newsgroup alt.pictures.XXX.
• If the keyword “.com” is specified, only Web sites with other domain suffixes (such as .edu or .gov) can be viewed.
• If you wish to block all Internet browsing access, enter the keyword “.”.
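The matching rules described above, modelled as an added example (not NETGEAR's implementation) that can be used to check a keyword list against sample URLs before applying it. It assumes case-insensitive substring matching anywhere in the URL or newsgroup name and an exact hostname comparison for Trusted Domains; the example.* URLs are constructed.

```python
from urllib.parse import urlsplit

def is_blocked(url, keywords, trusted_domains=(), group_enabled=True):
    """Return the keyword that blocks `url`, or None if the request is allowed."""
    if not group_enabled:
        return None                      # keyword blocking not enabled for this group
    host = (urlsplit(url).hostname or "").lower()
    if host in {d.lower() for d in trusted_domains}:
        return None                      # exact-match trusted domain bypasses keywords
    target = url.lower()
    for kw in keywords:
        if kw.lower() in target:         # assumption: substring match, any position
            return kw
    return None

def audit(urls, keywords, trusted_domains=()):
    """Map each sample URL to the keyword that would block it (None = allowed)."""
    return {u: is_blocked(u, keywords, trusted_domains) for u in urls}

# The two examples from the manual, followed by constructed samples.
SAMPLES = [
    "http://www.badstuff.com/xxx.html",
    "alt.pictures.XXX",
    "http://www.example.edu/",
    # Under the substring assumption, ".com" inside a path also matches.
    "http://www.example.edu/notes/intro.community.html",
    "http://www.example.com/",
]

if __name__ == "__main__":
    for kws in (["XXX"], [".com"], ["."]):
        print(kws)
        for url, hit in audit(SAMPLES, kws, ["www.example.com"]).items():
            print("   ", "BLOCK" if hit else "allow", url)
```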
To enable Content Filtering:
1. Select Security from the main menu and Block Sites from the sub-menu. The Block Sites screen will display.
2. Check the Yes radio button to enable Content Filtering.
3. Check the radio boxes of any Web Components you wish to block.
4. Check the radio buttons of the groups to which you wish to apply Keyword Blocking. Click Enable to activate Keyword blocking (or disable to deactivate Keyword Blocking).
5. Build your list of blocked Keywords or Domain Names in the Blocked Keyword fields. After each entry, click Add. The Keyword or Domain name will be added to the Blocked Keywords table. (You can also edit an entry by clicking Edit in the Action column adjacent to the entry.)
6. Build a list of Trusted Domains in the Trusted Domains fields. After each entry, click Add. The Trusted Domain will appear in the Trusted Domains table. (You can also edit any entry by clicking Edit in the Action column adjacent to the entry.)
7. Click Reset to cancel your changes and revert to the previous settings.
8. Click Apply to save your settings.
Figure 4-14
