Page 111 / 128 Scroll up to view Page 106 - 110
103
10 INTERNET SECURITY
DMS-CTC-20101206-0033 v1.0
10.2 Firewall
Introduction
The MediaAccess Gateway comes with an integrated firewall that helps you protect your network from attacks from the
Internet. This firewall has a number of predefined levels to allow you to adjusted the firewall to your needs.
The Firewall is disabled by default. This means that
all
traffic passing through the MediaAccess Gateway (from and to the
Internet) is allowed.
Predefined security levels
The MediaAccess Gateway has a number of predefined security levels. The following levels are available:
BlockAll
:
All traffic from and to the Internet is blocked. Game and Application Sharing is not allowed by the firewall.
Standard
:
All outgoing connections are allowed. All incoming connections are blocked, except for inbound connections assigned to
a local host via Game and Application Sharing. This is the
default firewall level
.
Disabled
:
All in- and outgoing traffic is allowed to pass through your MediaAccess Gateway, including Game and Application
Sharing.
Changing the security level
Proceed as follows:
1
Browse to the
MediaAccess Gateway GUI
.
For more information, see
“Accessing the MediaAccess Gateway GUI” on page 37
.
2
On the
Toolbox
menu, click
Firewall
.
3
The
Firewall
page appears. In the upper-right corner, click
Configure
.
4
Under
Security Settings
, select the security level of your choice and click
Apply
.
Creating your own security level
Proceed as follows:
1
In the
Toolbox
menu click
Firewall
.
2
In the
Firewall
section, go to the
Configure
page.
3
In the
Pick a task
list, click
Create a new Security Level
.
4
In the
Name
box, type a name for the new security level and select an existing security level to clone from.
5
Click
Apply
.
6
A page with the firewall settings of your newly created security level appears. Click
Edit
.
7
Enter the following information:
The
Name
of the firewall rule.
Although BlockAll will block all connections, some mandatory types of traffic such as DNS will still be relayed
between LAN and WAN by the MediaAccess Gateway.
The firewall levels only have impact on traffic passing through your MediaAccess Gateway. This means that the
handling of traffic directly appointed from and to MediaAccess Gateway is independent of the selected firewall level.
Protocol checks will be performed on all accepted connections, irrespective of the chosen level.
Once you create a security level, you can not delete it anymore. It will always available in the list of available security
levels.
Page 112 / 128
104
10 INTERNET SECURITY
DMS-CTC-20101206-0033 v1.0
The
Source Interface
and
IP Address
(range).
Or you can type a
User-defined
IP address (range).
The
Destination Interface
and
IP Address
(range)
Or you can type a
User-defined
IP address (range).
The
Service
type of the traffic; this can be a protocol (DNS, SMTP,...) or a specific MediaAccess Gateway system
service.
8
Select an
Action
that should be done on traffic for which the firewall rules applies:
Accept
: to allow the traffic to pass
Deny
: to drop the traffic (without notification)
Count
: to let the traffic pass, but count it (Hits)
9
Click
Apply
.
Use
Any
as IP address in case all traffic for the interface should be parsed.
Use
Any
as IP address in case all traffic for the interface should be parsed.
Page 113 / 128
105
10 INTERNET SECURITY
DMS-CTC-20101206-0033 v1.0
10.3 Access Control
Introduction
Access Control allows you to create
access schedules for Internet access
.
By default, all devices have constant access to the Internet. Access Control allows you to create exceptions on this rule by
adding an access schedule for devices. You can define two schedules for each device:
One schedule for weekdays (Monday until Friday)
For example. On weekdays, your child’s computer is allowed to access the Internet from 6:00 until 7:59 and from 19:00
until 21:59.
One schedule for the weekend (Saturday and Sunday)
For example. In the weekend, your child’s computer is allowed to access the Internet from 9:00 until 22:59.
Warning
Make sure that the persons using these devices are aware of the time schedule. This to avoid the loss of data or unexpected
service interruption.
Requirements
Before you can start:
Your MediaAccess Gateway must be connected to the Internet.
Your MediaAccess Gateway must use a time server for its time configuration.
For more information, see
“9.4 Network Time Server” on page 94
.
Creating an access schedule
Proceed as follows:
1
On the
Home Network
, click
Access Control
.
2
The
Access Control
page appears.
3
If you did not yet create an access rule for the device, select the device under
Device Access Scheduler
and click
Add
.
The selected device is now listed under
Current Scheduled Devices
.
4
Under
Current Scheduled Devices
, click the
Edit
button next to your device.
Depending on the software version used by your service provider, this feature may not yet be available on your
MediaAccess Gateway.
Page 114 / 128
106
10 INTERNET SECURITY
DMS-CTC-20101206-0033 v1.0
5
The
Device Access Editor
page appears. Select the hours for which you want to
allow
Internet access. For example, if
you select
06
this means that access is allowed from 6:00 until 6:59.
6
Click
Apply
.
7
The schedule is now active.
Removing an access schedule
By removing the access schedule for a device, you will provide it constant access to the Internet.
Proceed as follows:
1
On the
Home Network
, click
Access Control
.
2
The
Access Control
page appears. Under
Current Scheduled Devices
, click the
Delete
button next to your device.
3
This device now has constant access to the Internet.
Page 115 / 128
107
10 INTERNET SECURITY
DMS-CTC-20101206-0033 v1.0
10.4 Wireless Time Control
Introduction
Wireless Time Control allows you to restrict wireless access to one or two sessions. This means that your wireless devices will
not be able to connect to the Internet (or your local network) outside these time frames.
Warning
Make sure that the persons that use a wireless connection are aware of these time frames. This to avoid the loss of data or
unexpected service interruption.
Requirements
Before you can start:
Your MediaAccess Gateway must be connected to the Internet.
Your MediaAccess Gateway must use a time server for its time configuration.
For more information, see
“9.4 Network Time Server” on page 94
.
Procedure
1
Browse to the Technicolor GUI.
For more information, see
“4.1 MediaAccess Gateway GUI” on page 36
.
2
On the
Home Network
, click
Access Control
.
3
The
Access Control
page appears. In the
Pick a task
list, click
Wireless Time Control
.
4
The
Wireless Network Time Control
page appears.
5
Select the
Enable Schedule
box.
6
Select a start time and end time for the first session.
7
Select a start time and end time for the second session.
8
Click
Apply
.
Depending on the software version used by your service provider, this feature may not yet be available on your
MediaAccess Gateway.

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top