ZyXEL Communications 2602HW Series Chapter, Chapter, Firewall Configuration

Prestige 2602HW Series User’s Guide

Chapter 13
Firewalls................................................................................................................		155
13.1	Firewall Overview ...........................................................................................	155
13.2	Types of Firewalls ..........................................................................................	155
13.2.1 Packet Filtering Firewalls ......................................................................		155
13.2.2 Application-level Firewalls ....................................................................		155
13.2.3 Stateful Inspection Firewalls ................................................................		156
13.3	Introduction to ZyXEL’s Firewall .....................................................................	156
13.3.1 Denial of Service Attacks ......................................................................		157
13.4	Denial of Service ............................................................................................	157
13.4.1 Basics ...................................................................................................		157
13.4.2 Types of DoS Attacks ...........................................................................		158
	13.4.2.1 ICMP Vulnerability ......................................................................	160
	13.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................	160
	13.4.2.3 Traceroute ...................................................................................	161
13.5	Stateful Inspection ..........................................................................................	161
13.5.1 Stateful Inspection Process ..................................................................		162
13.5.2 Stateful Inspection and the Prestige .....................................................		163
13.5.3 TCP Security .........................................................................................		163
13.5.4 UDP/ICMP Security ..............................................................................		164
13.5.5 Upper Layer Protocols ..........................................................................		164
13.6	Guidelines for Enhancing Security with Your Firewall ....................................	164
13.6.1 Security In General ...............................................................................		165
13.7	Packet Filtering Vs Firewall ............................................................................	166
13.7.1 Packet Filtering: ....................................................................................		166
	13.7.1.1 When To Use Filtering .................................................................	166
13.7.2 Firewall .................................................................................................		166
	13.7.2.1 When To Use The Firewall ..........................................................	166
Chapter 14
Firewall Configuration .........................................................................................		169
14.1	Access Methods .............................................................................................	169
14.2	Firewall Policies Overview .............................................................................	169
14.3	Rule Logic Overview ......................................................................................	170
14.3.1 Rule Checklist .......................................................................................		170
14.3.2 Security Ramifications ..........................................................................		170
14.3.3 Key Fields For Configuring Rules .........................................................		171
	14.3.3.1 Action ..........................................................................................	171
	14.3.3.2 Service ........................................................................................	171
	14.3.3.3 Source Address ...........................................................................	171
	14.3.3.4 Destination Address ....................................................................	171
14.4	Connection Direction Example .......................................................................	171
14.4.1 LAN to WAN Rules ...............................................................................		172

14	Table of Contents