ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for controlling the types of traffic that can flow between the two networks. Unlike simple Internet sharing NAT routers, a firewall uses a process called stateful packet inspection to protect your network from attacks and intrusions. NAT performs a very limited stateful inspection in that it considers whether the incoming packet is in response to an outgoing request, but true Stateful Packet Inspection goes far beyond NAT.
Using Rules to Block or Allow Specific Kinds of Traffic
This section includes the following topics:
•
•“Viewing Rules and Order of Precedence for Rules” on page
•“Configuring LAN WAN Rules” on page
•“Configuring DMZ WAN Rules” on page
•“Configuring LAN DMZ Rules” on page
•“Inbound Rules Examples” on page
•“Outbound Rules Example” on page
Firewall rules are used to block or allow specific traffic passing through from one side to the other. You can configure up to 600 rules on the VPN firewall. Inbound rules (WAN to LAN) restrict access by outsiders to private resources, selectively allowing only specific outside users to access specific resources. Outbound rules (LAN to WAN) determine what outside resources local users can have access to.
A firewall has two default rules, one for inbound traffic and one for outbound. The default rules of the VPN firewall are:
•Inbound. Block all access from outside except responses to requests from the LAN side.
•Outbound. Allow all access from the LAN side to the outside.
The firewall rules for blocking/allowing traffic on the VPN firewall can be applied to LAN/WAN traffic, DMZ/WAN traffic and LAN/DMZ traffic.
Firewall Protection and Content Filtering |
