ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet without compromising security on your LAN. By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN ports.

For information on how to enable the DMZ port, see “Configuring and Enabling the DMZ Port” on page 4-18. For the procedures to configure DMZ traffic rules, see “Setting DMZ WAN Rules” on page 5-14.

Configuring Exposed Hosts

Specifying an exposed host allows you to set up a computer or server that is available to anyone on the Internet for services that you have not yet defined. For an example of how to set up an exposed host, see “LAN WAN or DMZ WAN Inbound Rule: Specifying an Exposed Host” on page 5-28.

Configuring VPN Tunnels

The UTM supports up to 25 site-to-site IPsec VPN tunnels and up to 13 dedicated SSL VPN tunnels. Each tunnel requires extensive processing for encryption and authentication, thereby increasing traffic through the WAN ports.

For information about IPsec VPN tunnels, see Chapter 7, “Virtual Private Networking Using IPsec Connections.” For information about SSL VPN tunnels, see Chapter 8, “Virtual Private Networking Using SSL Connections.”

Using QoS and Bandwidth Assignment to Shift the Traffic Mix

By specifying QoS and bandwidth profiles and assigning these profiles to outbound and inbound firewall rules, you can shift the traffic mix to aim for optimum performance of the UTM.

Assigning QoS Profiles

The QoS profile settings determine the priority and, in turn, the quality of service for the traffic passing through the UTM. After you have created a QoS profile, you can assign it to firewall rules. QoS is set individually for each service. You can change the mix of traffic through the WAN ports by granting some services a higher priority than others:

You can accept the default priority defined by the service itself by not changing its QoS setting.

You can change the priority to a higher or lower value than its default setting to give the service higher or lower priority than it otherwise would have.

10-8

Network and System Management

v1.0, September 2009
