Chapter 15 Firewall
EMG2926-Q10A User’s Guide
114
What is a Firewall?
Originally, the term “firewall” referred to a construction technique designed to prevent the spread of
fire from one room to another. The networking term "firewall" is a system or group of systems that
enforces an access-control policy between two networks. It may also be defined as a mechanism
used to protect a trusted network from a network that is not trusted. Of course, firewalls cannot
solve every security problem. A firewall is one of the mechanisms used to establish a network
security perimeter in support of a network security policy. It should never be the only mechanism or
method employed. For a firewall to guard effectively, you must design and deploy it appropriately.
This requires integrating the firewall into a broad information-security policy. In addition, specific
policies must be implemented within the firewall itself.
Stateful Inspection Firewall
Stateful inspection firewalls restrict access by screening data packets against defined access rules.
They make access control decisions based on IP address and protocol. They also "inspect" the
session data to assure the integrity of the connection and to adapt to dynamic protocols. These
firewalls generally provide the best speed and transparency; however, they may lack the granular
application level access control or caching that some proxies support. Firewalls, of one type or
another, have become an integral part of standard security solutions for enterprises.
About the EMG2926-Q10A Firewall
The EMG2926-Q10A’s firewall feature physically separates the LAN and the WAN and acts as a
secure gateway for all data passing between the networks.
It is a stateful inspection firewall and is designed to protect against Denial of Service attacks when
activated (click
the
General
tab under
Firewall
and then click the
Enable
Firewall
check box).
The EMG2926-Q10A's purpose is to allow a private Local Area Network (LAN) to be securely
connected to the Internet. The EMG2926-Q10A can be used to prevent theft, destruction and
modification of data, as well as log events, which may be important to the security of your network.
The EMG2926-Q10A is installed between the LAN and a broadband modem connecting to the
Internet. This allows it to act as a secure gateway for all data passing between the Internet and the
LAN.
The EMG2926-Q10A has one Ethernet WAN port and four Ethernet LAN ports, which are used to
physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the
broadband (cable or DSL) modem to the Internet.
The LAN (Local Area Network) port attaches to a network of computers, which needs security from
the outside world. These computers will have access to Internet services such as e-mail, FTP and
the World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host
is authorized to use a specific service.
Guidelines For Enhancing Security With Your Firewall
1
Change the default password via Web Configurator.
2
Think about access control before you connect to the network in any way, including attaching a
modem to the port.
19216811.live