Firewall Protection
122
ProSecure Unified Threat Management (UTM) Appliance
The firewall rules for blocking and allowing traffic on the UTM can be applied to LAN WAN traffic, DMZ WAN traffic, and LAN DMZ traffic.
Service-Based Rules
The rules to block traffic are based on the traffic's category of service:
• Outbound rules (service blocking). Outbound traffic is usually allowed unless the firewall is configured to disallow it.
• Inbound rules (port forwarding). Inbound traffic is usually blocked by the firewall unless the traffic is in response to a request from the LAN side. The firewall can be configured to allow this otherwise blocked traffic.
• Customized services. Additional services can be added to the factory default list of services. Rules can then be defined for these added services to either allow or block that traffic (see Add Customized Services on page 154).
• Quality of Service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change the QoS priority, which changes the traffic mix through the system (see Create Quality of Service Profiles on page 160).
Outbound Rules (Service Blocking)
The UTM allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering.
Note: See Enable Source MAC Filtering on page 170 for yet another way to block outbound traffic from selected PCs that would otherwise be allowed by the firewall.
Allowing inbound services opens security holes in your UTM. Enable only those ports that are necessary for your network.
Table 26. Number of supported firewall rule configurations

Traffic rule    Maximum number of    Maximum number of    Maximum number of
                outbound rules       inbound rules        supported rules
LAN WAN         300                  300                  600
DMZ WAN         50                   50                   100
LAN DMZ         50                   50                   100
Total Rules     400                  400                  800
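The following added example (not NETGEAR code, and not the UTM's own implementation) models the rule semantics described in this section: outbound traffic is allowed unless a service-blocking rule matches, inbound traffic is blocked unless it answers a LAN-initiated request or a port-forwarding rule opens the port, and the per-direction rule counts are checked against the maximums in Table 26. The class, method names and the sample addresses are hypothetical and simplified (a service is identified by a single destination port).

```python
from dataclasses import dataclass, field

# Per-direction maximums (outbound, inbound) taken from Table 26
RULE_LIMITS = {"LAN WAN": (300, 300), "DMZ WAN": (50, 50), "LAN DMZ": (50, 50)}


@dataclass
class Firewall:
    # zone pair -> ports blocked by outbound (service-blocking) rules
    outbound_block: dict = field(default_factory=dict)
    # zone pair -> ports opened by inbound (port-forwarding) rules
    inbound_allow: dict = field(default_factory=dict)
    # (src, dst, dport) of flows initiated from the LAN side; replies are let back in
    sessions: set = field(default_factory=set)

    def add_rule(self, zone_pair, direction, port):
        """Add a rule, refusing it once the Table 26 maximum for that direction is reached."""
        table = self.outbound_block if direction == "outbound" else self.inbound_allow
        limit = RULE_LIMITS[zone_pair][0 if direction == "outbound" else 1]
        rules = table.setdefault(zone_pair, set())
        if len(rules) >= limit:
            raise ValueError(f"{zone_pair} {direction} rule limit of {limit} reached")
        rules.add(port)

    def outbound(self, zone_pair, src, dst, dport):
        """Service blocking: default allow, an explicit block rule wins."""
        if dport in self.outbound_block.get(zone_pair, set()):
            return "BLOCK"
        self.sessions.add((src, dst, dport))  # remember so the reply can return
        return "ALLOW"

    def inbound(self, zone_pair, src, sport, dst, dport):
        """Default deny; allow replies to LAN-initiated flows and forwarded ports."""
        if (dst, src, sport) in self.sessions:  # answer to a request from the LAN side
            return "ALLOW"
        if dport in self.inbound_allow.get(zone_pair, set()):  # port forwarding rule
            return "ALLOW"
        return "BLOCK"


def rule_count(fw, zone_pair):
    """Return (outbound, inbound, total) rule counts for one traffic rule row of Table 26."""
    out = len(fw.outbound_block.get(zone_pair, set()))
    inb = len(fw.inbound_allow.get(zone_pair, set()))
    return out, inb, out + inb
```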