Management and Diagnostic Console

Enabling Security Features

The Security pane allows you to configure the gateway’s firewall to provide additional security features. Following are descriptions of the features.

Stealth Mode. Enabling Stealth Mode suppresses error responses (for example, TCP resets).

Block Ping. Enabling Block Ping blocks ping responses.

Strict UDP Session Control. Enabling Strict UDP Session Control prevents another source from “piggybacking” onto a UDP session.

Controlling Inbound and Outbound Traffic

If an Inbound box is checked, the firewall allows the corresponding protocol to pass through from the Internet to the network. If an Outbound box is checked, the firewall allows the traffic from the network to pass through the firewall to the Internet. You must click the Submit button for changes to take effect.

Note: Allowing inbound traffic does not mean that the firewall automatically allows this type of traffic to pass through the firewall to the network. Even if a particular protocol/application type is allowed, the firewall still checks and blocks all unsolicited traffic from the Internet unless the firewall is configured to allow the traffic through using an application profile.

Disabling Attack Detection

By default, the 2Wire gateway firewall rules block the attack types listed in the Attack Detection pane. Some hosted applications require that the user open specific ports (for example, TCP or UDP) to allow outside users to access their network. The Attack Detection pane allows you to configure the gateway’s firewall rules to allow traffic through on the specified ports.

To disable attack detection for a specific port, deselect the corresponding checkbox and click the Submit button.

Enabling Full Logging

To log all packets, check the Enable Full Logging checkbox.

Note: When full logging is enabled, the gateway logs every packet. This will significantly reduce overall system performance because the log buffer capacity will be reached more quickly.

90

Page 95
Image 95
2Wire None manual Enabling Security Features, Controlling Inbound and Outbound Traffic, Enabling Full Logging