SpeedStream Router User Guide
Firewall
Your SpeedStream router includes a
The firewall also includes an advanced Attack Detection System (ADS) containing various algorithms to detect and identify WAN attacks the moment they start and protect the LAN from such attacks. Though WAN access may be temporarily hindered, the LAN is protected from such harmful traffic load.
Firewall Security Levels
The SpeedStream router is shipped with a set of preconfigured firewall database rules grouped into levels, allowing you to easily configure the firewall. The default set of levels include:
•Off:
No restrictions are applied to either inbound or outbound traffic. In addition, all Network Address Port Translation (NAPT) functionality is disabled - there is no address/port translation. Since there is no address/port translation when the firewall is placed in this mode, all
•Low:
Minimal restrictions with respect to outbound traffic. Outbound traffic is allowed for all supported IP- based applications and Application Level Gateways (ALGs). The only inbound traffic that is allowed is that which is received within the context of an outbound session initiated on the local host and permitted by this firewall mode.
•Medium:
Moderate restrictions with respect to outbound traffic. Outbound traffic is allowed for most supported
•High:
High restrictions with respect to outbound traffic. Outbound traffic is allowed only for a very restricted set of supported
•ICSA
Supports the ICSA Labs criteria for firewall behavior. (For more information, visit the ICSA site at http://www.icsalabs.com)
•Custom:
Allows advanced users to add, modify and delete their own firewall rules.
Note For specific application and protocol security modes, refer to Appendix D, “Firewall Security Levels.”
27