Firewall Configuration

Introduction to Firewalls

The NB5 is equipped with advanced Firewall features to provide security from malicious attack, hacking or eavesdropping across the Internet. The following information is provided as an introduc- tion to firewalling and to the techniques that can be used to selectively enable services across the firewall while still maintaining security.

Network Address Translation and Port Mapping

The NB5 is a NAT router. NAT stands for Network Address Translation, a process which converts private IP addresses of a computer on the internal private network to one or more public IP ad- dresses for the Internet. NAT changes the packet headers to the new address and keeps track of each session; when packets come back from the Internet, it performs the reverse conversion to the IP address of the client machine.

NAT acts as a firewall by keeping internal IP addresses hidden from the Internet. Web applications operate through 'open ports' on devices attached to the Internet by initiating a query which opens a 'communication session' with the host through the open port. The presence of the NAT device prevents this process from occurring, as the NAT only admits incoming packets that have been elicited by an outgoing request; other packets are discarded.

However this causes connectivity problems, as any requests originating from applications on the other side of the NAT device - such as requests generated by network gaming and conferencing applications - will not be able to locate a port, and therefore a host, with which to communicate, as their requests are discarded by the NAT. Hence the terms 'opening', 'forwarding' and 'mapping' ports: these processes add information to the NAT table which allows it to direct incoming requests from selected applications to the appropriate port.

So Port Mapping tells the NAT router: 'when a request arrives which is intended for TCP port 1357, don't discard it, but direct it to such-and-such a port'. The port-mapping process invokes advanced routing functionality to 'bind' the Port Mapping request to the LAN client from which it originated. This process is automated by the NB5 interface, and is covered in the Port Forwarding section below.

Dedicated Firewalls

The Firewall function is technically different to NAT in that its sole purpose is to separate, or 'firewall', the internal network from the Internet. It does this by a variety of means, including SPI, or Stateful Packet Inspection. SPI checks incoming packets against outgoing requests and blocks packets which have not been requested.

Firewall

YML717 Rev1

NetComm NB5 Ethernet/USB Modem Router

www.netcomm.com.au

31

Page 30 Page 32
Page 31
Image 31
Netcom NB5 manual Firewall Configuration, Introduction to Firewalls, Network Address Translation and Port Mapping
Page 30 Page 32

NB5 specifications

The Netcom NB5 is a highly regarded broadband modem and router that has gained popularity for its robust features and reliable performance. Designed to cater to a variety of networking needs, the NB5 is particularly well-suited for home and small office environments.

One of the standout features of the Netcom NB5 is its ADSL2+ technology, which enhances internet speeds significantly compared to traditional ADSL modems. This technology allows users to achieve download speeds of up to 24 Mbps and upload speeds of up to 1 Mbps, depending on the distance from the service provider’s exchange. This capability makes the NB5 an excellent choice for video streaming, online gaming, and other bandwidth-intensive applications.

The NB5 also integrates a built-in router, facilitating easy sharing of the internet connection among multiple devices. It supports both wired and wireless connections, with an 802.11g wireless standard that ensures a stable and fast wireless connection over a considerable range. With four Ethernet ports, users can connect wired devices such as computers and gaming consoles directly, ensuring optimal performance without the limitations typically associated with wireless connections.

Security is a top priority for the Netcom NB5, which features advanced firewall capabilities including Network Address Translation (NAT) and Stateful Packet Inspection (SPI). These features help protect the network from various external threats. Additionally, the NB5 supports Wi-Fi Protected Access (WPA/WPA2) encryption to safeguard wireless connections from unauthorized access, ensuring users’ personal data remains secure while browsing the internet.

Another characteristic that enhances the user experience is the NB5’s easy setup and web-based management interface. This intuitive interface allows users to configure their settings effortlessly, monitor network activity, and customize security protocols without requiring extensive technical knowledge.

The Netcom NB5 is also noteworthy for its compatibility with various operating systems, including Windows, macOS, and Linux, making it versatile for different user environments. Overall, the design, advanced technology, and feature set of the Netcom NB5 make it a reliable option for users seeking a high-performance internet solution. With its ability to deliver fast and secure internet connections, the NB5 continues to be a popular choice among consumers and small businesses alike.
Top Page Image Contents