Manuals / Motorola / Computer Equipment / Modem

Motorola manual Security, Firewall, SBG900 security measures shown in a logical network diagram

Models: SBG900

1 130

Download 130 pages 40.66 Kb

Page 18

Security

Overview Installation Troubleshooting Contact FAQ Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Security

The SBG900 provides:

•A firewall to protect the SBG900 LAN from undesired attacks over the Internet

•Security measures to prevent eavesdropping of wireless data

Network Address Translation (NAT) provides some security because the IP addresses of SBG900 LAN computers are not visible on the Internet.

The logical network diagram does not necessarily correspond to the network cabling. A full discussion of network security is beyond the scope of this document.

SBG900 security measures shown in a logical network diagram

Internet

SBG900

DMZ computer

Firewall

Wireless Security:

WEP shared key encryption

MAC access control list

Disable ESSID Broadcast

Computer

Computer

Computer

Laptop

PDA

Wired Ethernet LAN

Wireless LAN

Firewall

The SBG900 firewall protects the SBG900 LAN from undesired attacks and other intrusions from the Internet. It provides an advanced integrated stateful-inspectionfirewall supporting intrusion detection, session tracking, and denial-of-service attack prevention. The firewall:

•

•

Maintains state data for every TCP/IP session on the OSI network and transport layers

Monitors all incoming and outgoing packets, applies the firewall policy to each one, and screens for improper packets and intrusion attempts

•Provides comprehensive logging for all:

—User authentications

—Rejected internal and external connection requests

—Session creation and termination

—Outside attacks (intrusion detection)

You can configure the firewall filters to set rules for port usage. For information about choosing a predefined firewall policy template, see “Setting the Firewall Policy”.

X

12

SBG900 User Guide

Home Print Exit

Image 18

Motorola manual Firewall, SBG900 security measures shown in a logical network diagram, Internet, Wireless Security

Contents

Wireless Cable Modem Gateway User Guide SBG900Reorient or relocate the receiving antenna Comply with all instructions that accompany this equipment Copyright 2003 by Motorola, Inc Installation ContentsConfiguring the Gateway Basic ConfigurationContact Us Frequently-Asked Questions Specifications Setting Up a USB DriverTroubleshooting Glossary Software LicenseOverview Easy Setup Network Connection TypesPowerful Features in a Single Unit SBG900 Sample LANSample SBG900 hybrid network PCC11bOptional Accessories Motorola USB11b Wireless Adapter left and PCC11b Wireless CardFlashing Front PanelLight Home Print ExitRear Panel Key Item DescriptionHome Print Exit Wireless LAN Wired Ethernet LAN USB Connection Label on the Bottom of the SBG900SBG900 LAN Choices Wireless LAN Sample wireless network connectionsSample Ethernet to computer connection Wired Ethernet LANSample Ethernet connection to hubs or switches ExitHome Print Exit USB ConnectionSample USB connection SBG900 User GuideSecurity SBG900 security measures shown in a logical network diagramWireless Security FirewallWireless Security Port TriggeringVirtual Private Networks SURFboard Wireless Cable Modem Gateway Quick Start GuidePort Forwarding Related DocumentationConnecting the SBG900 to the Cable System Cabling the LAN InstallationBefore You Begin Precautions Signing Up for Service Obtaining an IP Address for Ethernet Connecting a PC to the USB PortAlways make the wall connection first PrecautionsSigning Up for Service To avoid damaging the SBG900 or computers with static electricityComputer System Requirements Exit Obtaining an IP Address in Windows 2000 or Windows XP Obtaining an IP Address for EthernetObtaining an IP Address in Windows 98, Windows 98 SE, or Windows Me Obtaining an IP Address on Macintosh or UNIX SystemsConnecting a PC to the USB Port Getting Help Setting the Firewall Policy Basic ConfigurationStarting the SBG900 Setup Program Changing the Default Password Gaming Configuration GuidelinesStarting the SBG900 Setup Program Click To PerformChanging the Default Password Enabling Remote Access Getting Help Setting the Firewall Policy Page Firewall POLICY - advanced Page Description Firewall POLICY - advanced page fieldsField Home Print ExitField or Button Firewall ALERT - basic PageFirewall ALERT - basic page fields DescriptionField or Button Firewall ALERT - email PageFirewall ALERT - email page fields DescriptionField or Button Firewall LOGS PageFirewall LOGS page fields DescriptionDescription Firewall LOGSOption Session LogGaming Configuration Guidelines Configuring the Firewall for GamingConfiguring Port Triggers Configuring a Gaming DMZ Host Gateway LAN - dhcp server config Page Configuring the GatewayGateway STATUS Page Gateway WAN Page Gateway LAN - nat config Page Gateway PORT FORWARDING - config PageHome Print Exit Gateway STATUS PageThis page displays the gateway status information SBG900 User GuideField Gateway WAN PageGateway WAN page fields DescriptionDescription Gateway WAN page fields continuedField Home Print ExitField or Button Gateway LAN - nat config PageGateway LAN - nat config page fields DescriptionField Gateway LAN - dhcp server config PageGateway LAN - dhcp server config page fields DescriptionFieldDescription Gateway LAN - dhcp leases PageGateway LAN - dhcp leases page fields Home Print ExitField Gateway PORT FORWARDING - status PageGateway LAN - dhcp leases page fields continued DescriptionField Gateway PORT FORWARDING - config PageGateway PORT FORWARDING - config page fields DescriptionGateway PORT TRIGGERS - predefined Page Description Gateway PORT TRIGGERS - predefined page fieldsField Home Print ExitField Gateway PORT TRIGGERS - custom PageGateway PORT TRIGGERS - custom page fields DescriptionGateway PORT TRIGGERS - custom page fields Gateway LOG PageGateway LOG page fields FieldDescriptionConfiguring TCP/IP in Windows Configuring TCP/IP in Windows XP Configuring TCP/IPConfiguring TCP/IP in Windows 95, Windows 98, or Windows Me Verifying the IP Address in Windows 95, Windows 98, or Windows MeSBG900 User Guide Home Print13 Click Obtain an IP address automatically Configuring TCP/IP in Windows 4 Click Local Area Connection number. The value of number varies from system to system. The Local Area Connection number Status window is displayed 8 Click Internet Protocol TCP/IP 13 Click OK to accept the TCP/IP settings Configuring TCP/IP in Windows XP 5 If a classic view similar to below is displayed 7 Right-click on the network connection. If more than one connection is displayed, be sure to select the one for your network interface 11 Verify that the settings are correct, as shown above Verifying the IP Address in Windows 95, Windows 98, or Windows Me Verifying the IP Address in Windows 2000 or Windows XP To renew the IP address SBG900 Setting Up the Wireless LANPerform on the AdvantagesConfiguring the Wireless Network Name on the SBG900 Home Print Exit 7 Click advanced to display the Wireless SECURITY - advanced Page9 Click Apply to save your changes SBG900 User GuideConfiguring WEP on the SBG900 EncryptionHome Print Exit Configuring a MAC Access Control List on the SBG900 3 Click advanced to display the Wireless SECURITY - advanced PageConfiguring the Wireless Clients Configuring a Wireless Client with a Network Name ESSIDConfiguring a Wireless Client for WEP Wireless SECURITY - basic Page Wireless SECURITY - advanced Page Wireless Pages in the SBG900 Setup ProgramWireless STATUS Page Wireless NETWORK Page Wireless STATISTICS pagewho is not authorized to use your wireless LAN Wireless STATUS PageWireless STATUS Page Fields Home Print ExitConfiguring the Wireless Network Name on the SBG900 Wireless NETWORK PageWireless NETWORK page fields FieldWireless NETWORK page fields continued FieldDescriptionHome Print Exit Wireless SECURITY - basic Page Home Print ExitSBG900 User Guide Field or Button Wireless SECURITY - advanced PageWireless Security - ADVANCED page fields DescriptionWireless STATISTICS page fields Wireless STATISTICS pageWireless Security - ADVANCED page fields continued Field or ButtonDescription Wireless STATISTICS page fields continuedField or Button Home Print ExitSetting Up a USB Driver in Windows Me Setting Up a USB DriverSetting Up a USB Driver in Windows Setting Up a USB Driver in Windows Setting Up a USB Driver in Windows XPSetting Up a USB Driver in Windows 5 Click Next. The following window is displayed 8 Click Next. The following window is displayed 11 Click Finish. The Systems Settings Change window is displayed Setting Up a USB Driver in Windows 4 Click Next. The following window is displayed 8 If necessary, select the CD-ROM drive in the Copy files from list Setting Up a USB Driver in Windows Me Setting Up a USB Driver in Windows XP Removing the USB Driver from Windows 98 or Windows Me 2 Click the Motorola SURFboard SBG900 USB Gateway5 Disconnect the USB cable from the PC or SBG900 4 Click OK. The System Settings Change window is displayedSetting Up a USB Driver in Windows Me Setting Up a USB Driver in Windows13 Click Remove Driver Home Print ExitHome Print Exit 2 Click SettingsRemoving the USB Driver from Windows SBG900 User Guide7 Double-click Network Adapters 20 Be sure the USB cable is disconnected 21 Click Remove DriverHome Print Exit Removing the USB Driver from Windows XP1 On the Windows desktop, click Start to display the Start window SBG900 User Guide4 Click System to display the System Properties window. Skip to step Home Print Exit Configuration Basic Gateway TCP/IP Wireless USB6 Click the Hardware tab to display the Hardware page SBG900 User Guide8 Double-click Network adapters 15 Type explorer and click OK to display Windows Explorer Problem TroubleshootingFront-Panel Lights and Error Conditions Possible SolutionsContact Us Q What wireless security measures are provided on the SBG900? Q What is high-speed cable Internet access?Q What is Network Address Translation? Q Why is there no Standby button?Q What type of technical support is available? Q Do I need to change my Internet service provider ISP?Q Do I need to subscribe to cable TV to get cable Internet access? Q What do I do if my SBG900 stops working?Specifications GeneralHome Print Exit Cable Modem Home Print ExitGlossary Home Print Exit coaxial cable clientCMTS coaxThe SBG900 is simultaneously a DHCP client and a DHCP server Home Print Exitbutton addressHome Print Exit Home Print Exit Home Print Exit U.S. government See EthernetHome Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit Home Print Exit You may not Software LicenseYou may Home Print ExitVisit our website at 509091-001 10/03 MGBI