76
FWX120 Operation Manual
4
Enhancing security
Security functions for
managing terminals in
the LAN
Grant access rights to each client
(DHCP authentication) (page 91)
The function differentiates between clients that are
allowed to use the network (registered terminals)
and not (unregistered terminals) on the network,
and controls which network each client can access
based on the client's access rights. Each client can
be configured to have different access rights. For
example, registered terminals can be configured
to allow access to all networks in and outside of
the company, whereas unregistered terminals
can be configured to allow access to only specific
segments in the company network.
Limit access to specific URLs
(URL filter) (page 95)
You can limit access from clients in the network to
given URLs specified by the administrator.
Get information on and limiting use
of file sharing software (Intrusion
Detection System) (page 88)
When Intrusion Detection System is enabled, the
product can detect packets used by “Winny” and
“Share”, discard those packets, and break their
communication. In addition, if “Winny” or “Share”
packets are detected, they are logged to the history
records for Intrusion Detection System. Thus, the
product can identify terminals that have used “Winny”
or “Share”.
Other security
functions
Diagnose the security settings
(page 98)
The use of the security diagnosis function after
the completion of the connection settings can
determine which ports are open or closed.
Refer to “Running a port scan to determine which
ports are open or closed” (page 98) for more
details on what are diagnosed.
Restrict hosts that can change
product settings (page 100)
You can configure the product so that third parties
cannot make unauthorized changes to settings of
the product to ensure security of the product itself.
The product can be accessed by means of Web
browsers (HTTP), TELNET, or SSH software. You
can configure the restriction individually for each
of them.