Network and System Management
ProSecure Unified Threat Management (UTM) Appliance
For these features (with the exception of web object blocking and setting the size of files
to be scanned), you can set schedules to specify when web content is filtered (see
Configure Web Content Filtering on page 204), and configure exceptions for groups (see
Set Exception Rules for Web and Application Access on page 234).
Source MAC Filtering
If you want to reduce outgoing traffic by preventing Internet access by certain PCs on the
LAN, you can use the source MAC filtering feature to drop the traffic received from the PCs
with the specified MAC addresses. By default, this feature is disabled; all traffic received from
PCs with any MAC address is allowed. See Enable Source MAC Filtering on page 170 for the
procedure on how to use this feature.
Features That Increase Traffic
The following features of the UTM tend to increase the traffic load on the WAN side:
• LAN WAN inbound rules (also referred to as port forwarding)
• DMZ WAN inbound rules (also referred to as port forwarding)
• Port triggering
• Enabling the DMZ port
• Configuring exposed hosts
• Configuring VPN tunnels
LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding)
The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for
inbound traffic (from WAN to LAN and from WAN to the DMZ). If you have not defined any
rules, only the default rule is listed. The default rule blocks all access from outside except
responses to requests from the LAN side. Any inbound rule that you create allows additional
incoming traffic and therefore increases the traffic load on the WAN side.
Each rule lets you specify the desired action for the connections covered by the rule:
• BLOCK always
• ALLOW always
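A simplified model of the behavior described above (the default inbound rule, ALLOW always and BLOCK always rules, and source MAC filtering), as an added example that is not NETGEAR code or part of the original manual. First-match rule ordering, the absence of NAT, and all addresses and MAC values are assumptions constructed for illustration.

```python
# Added example: simplified model, not NETGEAR code. Assumes first-match rules, no NAT.
from dataclasses import dataclass, field

@dataclass
class Firewall:
    inbound_rules: list = field(default_factory=list)  # (dest_port, action) tuples
    mac_filter_enabled: bool = False                   # disabled by default
    blocked_macs: set = field(default_factory=set)
    sessions: set = field(default_factory=set)         # LAN-initiated flows

    def block_mac(self, mac):
        self.blocked_macs.add(mac.replace("-", ":").lower())

    def outbound(self, src_mac, lan, wan):  # lan and wan are (ip, port) tuples
        mac = src_mac.replace("-", ":").lower()
        if self.mac_filter_enabled and mac in self.blocked_macs:
            return "DROP (source MAC filter)"
        self.sessions.add((lan, wan))  # remember the request so its reply passes
        return "FORWARD"

    def inbound(self, wan, lan):
        if (lan, wan) in self.sessions:
            return "ALLOW (response to LAN request)"
        for port, action in self.inbound_rules:  # assumption: first match wins
            if port == lan[1]:
                return action
        return "BLOCK (default rule)"

    def exposed_ports(self):
        """Ports that unsolicited WAN traffic can reach."""
        first = {}
        for port, action in self.inbound_rules:
            first.setdefault(port, action)  # keep only the first rule per port
        return sorted(p for p, a in first.items() if a == "ALLOW always")

def demo():
    fw = Firewall([(443, "ALLOW always"), (23, "BLOCK always")], mac_filter_enabled=True)
    fw.block_mac("00-1A-2B-3C-4D-5E")                    # constructed MAC
    pc, kiosk = ("192.168.1.10", 50000), ("192.168.1.20", 50001)
    site, stranger = ("203.0.113.5", 80), ("198.51.100.7", 40000)
    return [
        fw.outbound("00:aa:bb:cc:dd:01", pc, site),     # unfiltered PC
        fw.inbound(site, pc),                           # reply to that request
        fw.outbound("00:1a:2b:3c:4d:5e", kiosk, site),  # filtered PC
        fw.inbound(site, kiosk),                        # no session was created
        fw.inbound(stranger, ("192.168.1.10", 443)),    # matches ALLOW always
        fw.inbound(stranger, ("192.168.1.10", 23)),     # matches BLOCK always
        fw.inbound(stranger, ("192.168.1.10", 22)),     # no rule: default rule
    ]
```

In this model, port 443 is the only port that unsolicited WAN traffic reaches, which is the kind of rule to review when checking both WAN load and exposure.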
The following section summarizes the various criteria that you can apply to inbound rules and
that might increase traffic. For more information about inbound rules, see Inbound Rules
(Port Forwarding) on page 125. For detailed procedures on how to configure inbound rules,
see Set LAN WAN Rules on page 130 and Set DMZ WAN Rules on page 134.
When you define inbound firewall rules, you can further refine their application according to
the following criteria:
• Services. You can specify the services or applications, or groups of services or
applications, to be covered by an inbound rule. If the desired service or application does
not appear in the list, you need to define it using the Services screen (see Service-Based
Rules on page 122 and Add Customized Services on page 154).