IPv4 Firewall Protection
109
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
The firewall rules for blocking and allowing traffic on the wireless VPN firewall can be applied
to LAN WAN traffic, DMZ WAN traffic, and LAN DMZ traffic.
Service-Based Rules
The rules to block traffic are based on the traffic’s category of service:
• Outbound rules (service blocking). Outbound traffic is usually allowed unless the
firewall is configured to disallow it.
• Inbound rules (port forwarding). Inbound traffic is usually blocked by the firewall unless
the traffic is in response to a request from the LAN side. The firewall can be configured to
allow this otherwise blocked traffic.
• Customized services. Additional services can be added to the list of services in the
factory defaults list. These added services can then have rules defined for them to either
allow or block that traffic (see Add Customized Services on page 136).
• Quality of Service (QoS) priorities. Each service has its own native priority that impacts
its quality of performance and tolerance for jitter or delays. You can change the QoS
priority, which changes the traffic mix through the system (see Preconfigured Quality of
Service Profiles on page 141).
Outbound Rules (Service Blocking)
The wireless VPN firewall allows you to block the use of certain Internet services by PCs on
your network. This is called service blocking or port filtering.
Note: See Enable Source MAC Filtering on page 147 for yet another way
to block outbound traffic from selected PCs that would otherwise be
allowed by the firewall.

Allowing inbound services opens security holes in your wireless
VPN firewall. Enable only those ports that are necessary for your
network.
Table 26. Number of supported firewall rule configurations

Traffic rule   Maximum number of   Maximum number of   Maximum number of
               outbound rules      inbound rules       supported rules
LAN WAN        200                 200                 400
DMZ WAN        50                  50                  100
LAN DMZ        50                  50                  100
Total Rules    300                 300                 600
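
The default policy described under Service-Based Rules and the limits in Table 26, modelled in Python as an added example (not NETGEAR code). The Rule fields, first-match ordering, matching on port alone, and the sample rules are assumptions made for illustration.

```python
from dataclasses import dataclass

# Table 26: (max outbound rules, max inbound rules) per traffic rule type.
LIMITS = {"LAN WAN": (200, 200), "DMZ WAN": (50, 50), "LAN DMZ": (50, 50)}

@dataclass(frozen=True)
class Rule:              # hypothetical rule record, not a device export format
    zone: str            # "LAN WAN", "DMZ WAN" or "LAN DMZ"
    direction: str       # "outbound" or "inbound"
    service: str         # label only, e.g. "HTTPS"
    port: int
    action: str          # "allow" or "block"

# Constructed sample rule set.
SAMPLE_RULES = [
    Rule("LAN WAN", "outbound", "TELNET", 23, "block"),
    Rule("LAN WAN", "inbound", "HTTPS", 443, "allow"),
    Rule("DMZ WAN", "inbound", "SMTP", 25, "allow"),
]

def decide(rules, zone, direction, port, is_reply=False):
    """Return "allow" or "block" for one connection attempt."""
    if direction == "inbound" and is_reply:
        return "allow"   # response to a request from the LAN side
    for r in rules:      # assumption: first matching rule wins
        if (r.zone, r.direction, r.port) == (zone, direction, port):
            return r.action
    # Defaults from the text: outbound allowed, unsolicited inbound blocked.
    return "allow" if direction == "outbound" else "block"

def audit(rules):
    """List rule counts over the Table 26 limits, then every inbound allow rule."""
    findings = []
    for zone, limits in LIMITS.items():
        for direction, limit in zip(("outbound", "inbound"), limits):
            n = sum(r.zone == zone and r.direction == direction for r in rules)
            if n > limit:
                findings.append(f"{zone} {direction}: {n} rules exceeds limit {limit}")
    for r in rules:
        if r.direction == "inbound" and r.action == "allow":
            findings.append(f"exposed: {r.zone} inbound {r.service}/{r.port}")
    return findings

if __name__ == "__main__":
    print(decide(SAMPLE_RULES, "LAN WAN", "inbound", 22))
    print("\n".join(audit(SAMPLE_RULES)))
```

Each "exposed" finding is an inbound allow rule to review against the warning above: keep it only if the port is necessary for the network.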