Zyxel NBG-419N Router Manual PDF (Setup & Configuration Guide)

Page 146 / 292 Scroll up to view Page 141 - 145

Chapter 19 Firewall

NBG-419N User’s Guide

146

See

Appendix E on page 259

for commonly used services and port numbers.

Enable Firewall

Rule

Select this check box to activate the firewall rules that you define (see

Add

Firewall Rule

below)

Apply

Click

Apply

to save the settings.

Add Firewall Rule

Service Name

Enter a name that identifies or describes the firewall rule.

MAC Address

Enter the MAC address of the computer for which the firewall rule applies.

Dest IP Address

Enter the IP address of the computer to which traffic for the application or

service is entering.

The NBG-419N applies the firewall rule to traffic initiating from this computer.

Source IP Address

Enter the IP address of the computer that initializes traffic for the application or

service.

The NBG-419N applies the firewall rule to traffic initiating from this computer.

Protocol

Select the protocol (

TCP

,

UDP

,

ICMP

or

None

) used to transport the packets for

which you want to apply the firewall rule.

Dest Port Range

Enter the port number/range of the destination that define the traffic type, for

example TCP port 80 defines web traffic.

Source Port

Range

Enter the port number/range of the source that define the traffic type, for

example TCP port 80 defines web traffic.

Add Rule

Click

Add

to save the firewall rule.

Firewall Rule

#

This is your firewall rule number. The ordering of your rules is important as rules

are applied in turn.

Service Name

This is a name that identifies or describes the firewall rule.

MAC Address

This is the MAC address of the computer for which the firewall rule applies.

Dest IP Address

This is the IP address of the computer to which traffic for the application or

service is entering.

Source IP Address

This is the IP address of the computer from which traffic for the application or

service is initialized.

Protocol

This is the protocol (

TCP

,

UDP

,

ICMP

or

None

) used to transport the packets for

which you want to apply the firewall rule.

Dest Port Range

This is the port number/range of the destination that define the traffic type, for

example TCP port 80 defines web traffic.

Source Port

Range

This is the port number/range of the source that define the traffic type, for

example TCP port 80 defines web traffic.

Action

Drop

- Traffic matching the conditions of the firewall rule are stopped.

Delete

Click this to remove the firewall rule.

Reset

Click

Reset

to start configuring this screen again.

Table 64

Security > Firewall > Services

LABEL

DESCRIPTION

Page 147 / 292

NBG-419N User’s Guide

147

C

HAPTER

20

Content Filter

20.1

Overview

This chapter provides a brief overview of content filtering using the embedded web GUI.

Internet content filtering allows you to create and enforce Internet access policies tailored to your

needs. Content filtering is the ability to block certain web features or specific URL keywords.

20.2

What You Can Do

Use the

Content

Filter

(

Section 20.4 on page 148

) screen to restrict web features, add

keywords for blocking and designate a trusted computer.

20.3

What You Need To Know

Content filtering allows you to block certain web features, such as cookies, and/or block access to

specific web sites. For example, you can configure one policy that blocks John Doe’s access to arts

and entertainment web pages.

20.3.1

Content Filtering Profiles

A content filtering profile conveniently stores your custom settings for the following features.

Restrict Web Features

The NBG-419N can disable web proxies and block web features such as ActiveX controls, Java

applets and cookies.

Keyword Blocking URL Checking

The NBG-419N checks the URL’s domain name (or IP address) and file path separately when

performing keyword blocking.

The URL’s domain name or IP address is the characters that come before the first slash in the URL.

For example, with the URL

www.zyxel.com.tw/news/pressroom.php

, the domain name is

www.zyxel.com.tw

.

The file path is the characters that come after the first slash in the URL. For example, with the URL

www.zyxel.com.tw/news/pressroom.php

, the file path is

news/pressroom.php

.

Page 148 / 292

Chapter 20 Content Filter

NBG-419N User’s Guide

148

Since the NBG-419N checks the URL’s domain name (or IP address) and file path separately, it will

not find items that go across the two. For example, with the URL

www.zyxel.com.tw/news/

pressroom.php

, the NBG-419N would find “tw” in the domain name (

www.zyxel.com.tw)

. It would

also find “news” in the file path (

news/pressroom.php

) but it would not find “tw/news”.

20.4

Content Filter Screen

Use this screen to restrict web features, add keywords for blocking and designate a trusted

computer.

Click

Security

>

Content Filter

to open the

Content Filter

screen.

Figure 104

Security > Content Filter > Content Filter

The following table describes the labels in this screen.

Table 65

Security > Content Filter > Content Filter

LABEL

DESCRIPTION

Trusted IP Setup

To enable this feature, type an IP address of any one of the computers in your

network that you want to have as a trusted computer. This allows the trusted

computer to have full access to all features that are configured to be blocked by

content filtering.

Leave this field blank to have no trusted computers.

Restrict Web

Features

Select the box(es) to restrict a feature. When you download a page containing a

restricted feature, that part of the web page will appear blank or grayed out.

ActiveX

A tool for building dynamic and active Web pages and distributed object

applications. When you visit an ActiveX Web site, ActiveX controls are

downloaded to your browser, where they remain in case you visit the site again.

Java

A programming language and development environment for building

downloadable Web components or Internet and intranet business applications

of all kinds.

Cookies

Used by Web servers to track usage and provide service based on ID.

Page 149 / 292

Chapter 20 Content Filter

NBG-419N User’s Guide

149

Web Proxy

A server that acts as an intermediary between a user and the Internet to

provide security, administrative control, and caching service. When a proxy

server is located on the WAN it is possible for LAN users to circumvent content

filtering by pointing to this proxy server.

Enable URL

Keyword Blocking

The NBG-419N can block Web sites with URLs that contain certain keywords in

the domain name or IP address. For example, if the keyword "bad" was

enabled, all sites containing this keyword in the domain name or IP address will

be blocked, e.g., URL http://www.website.com/bad.html would be blocked.

Select this check box to enable this feature.

Keyword

Type a keyword in this field. You may use any character (up to 64 characters).

Wildcards are not allowed. You can also enter a numerical IP address.

Keyword List

This list displays the keywords already added.

Add

Click

Add

after you have typed a keyword.

Repeat this procedure to add other keywords. Up to 64 keywords are allowed.

When you try to access a web page containing a keyword, you will get a

message telling you that the content filter is blocking this request.

Delete

Highlight a keyword in the lower box and click

Delete

to remove it. The

keyword disappears from the text box after you click

Apply

.

Clear All

Click this button to remove all of the listed keywords.

Apply

Click

Apply

to save your changes.

Reset

Click

Reset

to begin configuring this screen afresh

Table 65

Security > Content Filter > Content Filter

LABEL

DESCRIPTION

Page 150 / 292

Chapter 20 Content Filter

NBG-419N User’s Guide

150

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share