Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless Print Server USB

Security

The Motorola SBG1000 Wireless Cable Modem Gateway provides:

A firewall to protect the SBG LAN from undesired attacks over the Internet

Security measures to prevent eavesdropping of wireless data

Network Address Translation (NAT) provides some security because the IP addresses of SBG LAN computers are not visible on the Internet.

The logical network diagram does not necessarily correspond to the network cabling. A full discussion of network security is beyond the scope of this document.

SBG1000 security measures shown in a logical network diagram

Internet

SBG

DMZ computer

Firewall

DMZ:

WEP shared key encryption

MAC access control list

Closed network

Computer

 

Computer

 

 

 

Wired Ethernet and/or HPNA LAN

Computer

 

Laptop

 

PDA

 

 

 

 

 

Wireless IEEE 802.11b LAN

Firewall

The SBG1000 firewall protects the SBG LAN from undesired attacks and other intrusions from the Internet. It provides an advanced integrated stateful-inspectionfirewall supporting intrusion detection, session tracking, and denial-of-service attack prevention. The firewall:

Maintains state data for every TCP/IP session on the OSI network and transport layers

Monitors all incoming and outgoing packets, applies the firewall policy to each one, and screens for improper packets and intrusion attempts

Provides comprehensive logging for all:

User authentications

Rejected internal and external connection requests

Session creation and termination

Outside attacks (intrusion detection)

You can configure the firewall filters to set rules for port usage and to block specific IP domains and networks. For information about choosing a default firewall policy, see “Setting the Firewall Policy” on page 36.

X

15

SBG1000 Wireless Cable Modem Gateway User Guide

Home Print Exit

Page 21
Image 21
Motorola SBG1000 manual Security, Firewall, Internet