Prestige 2602HW Series User’s Guide

Chapter 13

 

 

Firewalls................................................................................................................

155

13.1

Firewall Overview ...........................................................................................

155

13.2

Types of Firewalls ..........................................................................................

155

13.2.1 Packet Filtering Firewalls ......................................................................

155

13.2.2 Application-level Firewalls ....................................................................

155

13.2.3 Stateful Inspection Firewalls ................................................................

156

13.3

Introduction to ZyXEL’s Firewall .....................................................................

156

13.3.1 Denial of Service Attacks ......................................................................

157

13.4

Denial of Service ............................................................................................

157

13.4.1 Basics ...................................................................................................

157

13.4.2 Types of DoS Attacks ...........................................................................

158

 

13.4.2.1 ICMP Vulnerability ......................................................................

160

 

13.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................

160

 

13.4.2.3 Traceroute ...................................................................................

161

13.5

Stateful Inspection ..........................................................................................

161

13.5.1 Stateful Inspection Process ..................................................................

162

13.5.2 Stateful Inspection and the Prestige .....................................................

163

13.5.3 TCP Security .........................................................................................

163

13.5.4 UDP/ICMP Security ..............................................................................

164

13.5.5 Upper Layer Protocols ..........................................................................

164

13.6

Guidelines for Enhancing Security with Your Firewall ....................................

164

13.6.1 Security In General ...............................................................................

165

13.7

Packet Filtering Vs Firewall ............................................................................

166

13.7.1 Packet Filtering: ....................................................................................

166

 

13.7.1.1 When To Use Filtering .................................................................

166

13.7.2 Firewall .................................................................................................

166

 

13.7.2.1 When To Use The Firewall ..........................................................

166

Chapter 14

 

 

Firewall Configuration .........................................................................................

169

14.1

Access Methods .............................................................................................

169

14.2

Firewall Policies Overview .............................................................................

169

14.3

Rule Logic Overview ......................................................................................

170

14.3.1 Rule Checklist .......................................................................................

170

14.3.2 Security Ramifications ..........................................................................

170

14.3.3 Key Fields For Configuring Rules .........................................................

171

 

14.3.3.1 Action ..........................................................................................

171

 

14.3.3.2 Service ........................................................................................

171

 

14.3.3.3 Source Address ...........................................................................

171

 

14.3.3.4 Destination Address ....................................................................

171

14.4

Connection Direction Example .......................................................................

171

14.4.1 LAN to WAN Rules ...............................................................................

172

14

Table of Contents