Chapter 12
Firewall
This chapter gives some background information on firewalls and explains how to get started with
the Prestige firewall.
12.1 Introduction
What is a Firewall?
Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from
one room to another. The networking term "firewall" is a system or group of systems that enforces an
access-control policy between two networks. It may also be defined as a mechanism used to protect a
trusted network from an untrusted network. Of course, firewalls cannot solve every security problem. A
firewall is one of the mechanisms used to establish a network security perimeter in support of a network
security policy. It should never be the only mechanism or method employed. For a firewall to guard
effectively, you must design and deploy it appropriately. This requires integrating the firewall into a broad
information-security policy. In addition, specific policies must be implemented within the firewall itself.
Stateful Inspection Firewall
Stateful inspection firewalls restrict access by screening data packets against defined access rules. They
make access control decisions based on IP address and protocol. They also "inspect" the session data to
assure the integrity of the connection and to adapt to dynamic protocols. These firewalls generally provide
the best speed and transparency; however, they may lack the granular application level access control or
caching that some proxies support. Firewalls, of one type or another, have become an integral part of
standard security solutions for enterprises.
About the Prestige Firewall
The Prestige firewall is a stateful inspection firewall and is designed to protect against Denial of Service
attacks when activated (click LOG SETTINGS and then click the Enable Firewall check box). The
Prestige's purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet.
The Prestige can be used to prevent theft, destruction and modification of data, as well as log events, which
may be important to the security of your network.
The Prestige is installed between the LAN and a broadband modem connecting to the Internet. This allows
it to act as a secure gateway for all data passing between the Internet and the LAN.
The Prestige has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically
separate the network into two areas.
The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem that connects to the Internet.
The LAN (Local Area Network) ports attach to a network of computers that needs protection from the
outside world. These computers will have access to Internet services such as e-mail, FTP and the
World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host is
authorized to use a specific service.
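The behaviour described above (sessions opened from the LAN are tracked and their replies admitted, while unsolicited inbound traffic is dropped unless a service has been authorized) can be illustrated with a simplified, TCP-only model. This is an added example, not code from the manual or the Prestige firmware; the LAN subnet, addresses, class names and verdict strings are all constructed for illustration.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # constructed LAN subnet (assumption)
# flags holds TCP flags: "S" (SYN), "SA" (SYN+ACK), "A" (ACK), "F" (FIN), "R" (RST)
Packet = namedtuple("Packet", "src sport dst dport flags")

@dataclass
class StatefulFilter:
    # (LAN ip, port) services a remote host is authorized to reach; empty = deny all
    inbound_allowed: set = field(default_factory=set)
    sessions: set = field(default_factory=set)  # tracked flows, LAN side first

    def check(self, pkt: Packet) -> str:
        outbound = ip_address(pkt.src) in LAN
        key = ((pkt.src, pkt.sport, pkt.dst, pkt.dport) if outbound
               else (pkt.dst, pkt.dport, pkt.src, pkt.sport))
        if key in self.sessions:
            if "R" in pkt.flags or "F" in pkt.flags:
                self.sessions.discard(key)  # simplified teardown on FIN/RST
            return "ALLOW established"
        if pkt.flags != "S":
            return "DROP no session"  # only a bare SYN may open a session
        if outbound:
            self.sessions.add(key)
            return "ALLOW new outbound"
        if (pkt.dst, pkt.dport) in self.inbound_allowed:
            self.sessions.add(key)
            return "ALLOW authorized inbound"
        return "DROP inbound default"

def demo():
    # One authorized inbound service: FTP on a constructed LAN host.
    fw = StatefulFilter(inbound_allowed={("192.168.1.10", 21)})
    pkts = [  # constructed sample traffic (documentation address ranges)
        Packet("192.168.1.5", 40000, "203.0.113.7", 80, "S"),    # LAN host opens a web session
        Packet("203.0.113.7", 80, "192.168.1.5", 40000, "SA"),   # reply on the tracked session
        Packet("203.0.113.9", 80, "192.168.1.5", 40000, "SA"),   # "reply" nobody asked for
        Packet("198.51.100.2", 5555, "192.168.1.10", 21, "S"),   # authorized inbound service
        Packet("198.51.100.2", 5556, "192.168.1.10", 23, "S"),   # service not authorized
        Packet("203.0.113.7", 80, "192.168.1.5", 40000, "R"),    # server resets the session
        Packet("203.0.113.7", 80, "192.168.1.5", 40000, "A"),    # late packet after teardown
    ]
    return [fw.check(p) for p in pkts]

if __name__ == "__main__":
    print("\n".join(demo()))
```

A real stateful firewall also tracks sequence numbers, timeouts, UDP/ICMP pseudo-sessions and helper protocols such as FTP data channels; the model keeps only the session-table decision.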
12.1.1 Guidelines For Enhancing Security With Your Firewall
1. Change the default password via web configurator.
2. Think about access control before you connect to the network in any way, including attaching a modem to
the port.
3. Limit who can access your router.
4. Don't enable any local service (such as SNMP or NTP) that you don't use. Any enabled service could
present a potential security risk. A determined hacker might be able to find creative ways to misuse the
enabled services to access the firewall or the network.
5. For local services that are enabled, protect against misuse. Protect by configuring the services to
communicate only with specific peers, and protect by configuring rules to block packets for the
services at specific interfaces.
6. Protect against IP spoofing by making sure the firewall is active.
7. Keep the firewall in a secured (locked) room.
12.2 SMT Firewall Menu
Enter “21” from the main menu to display the following screen.

    Menu 21 - Filter and Firewall Setup

    1. Filter Setup
    2. Firewall Setup

    Enter Menu Selection Number:

Figure 12-1 Menu 21 - Filter and Firewall Setup
Enter “2” to display the firewall setup menu. You may only enable or disable the firewall in this screen.
Use the web configurator to configure the firewall.
In the Active field press [SPACE BAR] and select Yes (to enable) or No (to disable) the Prestige firewall.
The firewall protects against Denial of Service (DoS) attacks when it is active. Your network is vulnerable
to attacks when the firewall is turned off.

    Menu 21.2 - Firewall Setup

    The firewall protects against Denial of Service (DoS) attacks when
    it is active.
    Your network is vulnerable to attacks when the firewall is turned off.
    Refer to the User's Guide for details about the firewall default
    policies.
    You may define additional Policy rules or modify existing ones but
    please exercise extreme caution in doing so.

    Active: Yes

    You can use the Web Configurator to configure the firewall.

    Press ENTER to Confirm or ESC to Cancel:
    Press Space Bar to Toggle

Figure 12-2 Menu 21.2 - Firewall Setup
12.3 Web Configurator Firewall Settings Screen
From the MAIN MENU, then FIREWALL. The screen as shown next is the Firewall Settings tab.
