Chapter 11 Firewall Configuration
P-660W-Tx v2 User’s Guide
127
11.7.2.1 Rule Checklist
State the intent of the rule. For example, “This restricts all IRC access from the LAN to the
Internet.” Or, “This allows a remote Lotus Notes server to synchronize over the Internet to an
inside Notes server.”
1
Is the intent of the rule to forward or block traffic?
2
What direction of traffic does the rule apply to?
3
What IP services will be affected?
4
What computers on the LAN are to be affected (if any)?
5
What computers on the Internet will be affected? The more specific, the better. For
example, if traffic is being allowed from the Internet to the LAN, it is better to allow
only certain machines on the Internet to access the LAN.
11.7.2.2 Security Ramifications
Once the logic of the rule has been defined, it is critical to consider the security ramifications
created by the rule:
1
Does this rule stop LAN users from accessing critical resources on the Internet? For
example, if IRC is blocked, are there users that require this service?
2
Is it possible to modify the rule to be more specific? For example, if IRC is blocked for
all users, will a rule that blocks just certain users be more effective?
3
Does a rule that allows Internet users access to resources on the LAN create a security
vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from the Internet to
the LAN, Internet users may be able to connect to computers with running FTP servers.
4
Does this rule conflict with any existing rules?
5
Once these questions have been answered, adding rules is simply a matter of plugging
the information into the correct fields in the web configurator screens.
11.7.2.3 Key Fields For Configuring Rules
Action
Should the action be to
Block
or
Forward
? “Block” means the firewall silently discards the
packet.
Service
Select the service from the
Service
scrolling list box. If the service is not listed, it is necessary
to first define it. See
for more information on predefined services.
Source Address
What is the connection’s source address; is it on the LAN, WAN? Is it a single IP, a range of
IPs or a subnet?
Destination Address
What is the connection’s destination address; is it on the LAN, WAN? Is it a single IP, a range
of IPs or a subnet?
Summary of Contents for P-660W-T1 v2
Page 2: ......
Page 8: ...Safety Warnings P 660W Tx v2 User s Guide 8 ...
Page 10: ...Contents Overview P 660W Tx v2 User s Guide 10 ...
Page 18: ...Table of Contents P 660W Tx v2 User s Guide 18 ...
Page 22: ...List of Figures P 660W Tx v2 User s Guide 22 ...
Page 25: ...25 PART I Introduction Introducing the ZyXEL Device 27 Introducing the Web Configurator 31 ...
Page 26: ...26 ...
Page 30: ...Chapter 1 Introducing the ZyXEL Device P 660W Tx v2 User s Guide 30 ...
Page 36: ...Chapter 2 Introducing the Web Configurator P 660W Tx v2 User s Guide 36 ...
Page 37: ...37 PART II Setup Wizard Connection Setup Wizard 39 Media Bandwidth Management Wizard 47 ...
Page 38: ...38 ...
Page 46: ...Chapter 3 Connection Setup Wizard P 660W Tx v2 User s Guide 46 ...
Page 50: ...Chapter 4 Media Bandwidth Management Wizard P 660W Tx v2 User s Guide 50 ...
Page 52: ...52 ...
Page 83: ...Chapter 7 WAN Setup P 660W Tx v2 User s Guide 83 Figure 32 WAN Setup PPPoE ...
Page 104: ...Chapter 8 Network Address Translation NAT Screens P 660W Tx v2 User s Guide 104 ...
Page 130: ...Chapter 11 Firewall Configuration P 660W Tx v2 User s Guide 130 ...
Page 156: ...Chapter 15 Logs Screens P 660W Tx v2 User s Guide 156 ...
Page 169: ...169 PART IV Maintenance Maintenance 171 ...
Page 170: ...170 ...
Page 184: ...Chapter 17 Maintenance P 660W Tx v2 User s Guide 184 ...
Page 185: ...185 PART V Troubleshooting and Specifications Troubleshooting 187 Product Specifications 193 ...
Page 186: ...186 ...
Page 192: ...Chapter 18 Troubleshooting P 660W Tx v2 User s Guide 192 ...
Page 200: ...200 ...
Page 208: ...Appendix A Pop up Windows JavaScripts and Java Permissions P 660W Tx v2 User s Guide 208 ...
Page 226: ...Appendix C Common Services P 660W Tx v2 User s Guide 226 ...
Page 232: ...Appendix D Legal Information P 660W Tx v2 User s Guide 232 ...