IPv4 Firewall Protection
142
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
You can assign a QoS profile to a firewall rule or service on the following screens:
• Add LAN WAN Outbound Services screen (see Figure 55 on page 118).
• Add DMZ WAN Outbound Services screen (see Figure 58 on page 121).
• Services screen (see Figure 71 on page 137).
These are the default QoS profiles that are preconfigured and that cannot be edited:
• Normal-Service. Used when no special priority is given to the traffic. IP packets are
marked with a ToS value of 0.
• Minimize-Cost. Used when data needs to be transferred over a link that has a lower cost.
IP packets are marked with a ToS value of 2.
• Maximize-Reliability. Used when data needs to travel to the destination over a reliable
link and with little or no retransmission. IP packets are marked with a ToS value of 4.
• Maximize-Throughput. Used when the volume of data transferred during an interval is
important even if the latency over the link is high. IP packets are marked with a ToS value
of 8.
• Minimize-Delay. Used when the time required (latency) for the packet to reach the
destination needs to be low. IP packets are marked with a ToS value of 16.
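The following Python sketch is an added example, not part of the NETGEAR manual. It reads the ToS octet from a raw IPv4 header, as you would when checking a packet capture taken behind the firewall, and reports both the matching default profile and how DSCP/ECN-aware equipment reads the same octet. It assumes the ToS values listed above are the value of the whole ToS octet; the function names and sample addresses are constructed for illustration.

```python
import struct

# Profile names and ToS values as listed in the manual above.
PROFILES = {0: "Normal-Service", 2: "Minimize-Cost", 4: "Maximize-Reliability",
            8: "Maximize-Throughput", 16: "Minimize-Delay"}
# RFC 3168 names for the two low-order bits of the same octet.
ECN_NAMES = {0: "Not-ECT", 1: "ECT(1)", 2: "ECT(0)", 3: "CE"}


def build_ipv4_header(tos, src="192.0.2.10", dst="198.51.100.20"):
    """Constructed 20-byte IPv4 header used as sample input (checksum left at 0)."""
    def addr(text):
        return bytes(int(octet) for octet in text.split("."))
    # version/IHL, ToS, total length, id, flags/fragment, TTL, protocol, checksum
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20, 0, 0, 64, 6, 0,
                       addr(src), addr(dst))


def classify_tos(packet):
    """Return how the ToS octet of a raw IPv4 packet would be interpreted."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError("not a valid IPv4 header")
    tos = packet[1]
    return {
        "tos": tos,
        # Assumption: the manual's ToS value is the whole octet.
        "profile": PROFILES.get(tos, "unknown"),
        # RFC 2474 / RFC 3168 reading: upper six bits DSCP, lower two bits ECN.
        "dscp": tos >> 2,
        "ecn": ECN_NAMES[tos & 0x03],
    }


if __name__ == "__main__":
    for value in (0, 2, 4, 8, 16):
        print(classify_tos(build_ipv4_header(value)))
```

Under that assumption, a packet marked Minimize-Cost (ToS 2) has DSCP 0 with the ECN field set to ECT(0), so downstream devices that honor ECN can treat it as ECN-capable traffic instead of low-cost traffic.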
Configure Content Filtering
To restrict internal LAN users from access to certain sites on the Internet, you can use the
content filtering and web component blocking features of the wireless VPN firewall. By
default, these features are disabled; all requested traffic from any website is allowed. If you
enable one or more of these features and users try to access a blocked site, they will see a
“Blocked by NETGEAR” message.
Several types of blocking are available:
• Web component blocking. You can block the following web component types: proxy,
Java, ActiveX, and cookies. Even sites that are listed in the Trusted Domains table are
subject to web component blocking when the blocking of a particular web component is
enabled.
- Proxy. A proxy server (or simply, proxy) allows computers to route connections to
other computers through the proxy, thus circumventing certain firewall rules. For
example, if connections to a specific IP address are blocked by a firewall rule, the
requests can be routed through a proxy that is not blocked by the rule, rendering the
restriction ineffective. Enabling this feature blocks proxy servers.
- Java. Blocks Java applets from being downloaded from pages that contain them.
Java applets are small programs embedded in web pages that enable dynamic
functionality of the page. A malicious applet can be used to compromise or infect
computers. Enabling this setting blocks Java applets from being downloaded.