ZyXEL Communications P-660H-D Series Chapter, Firewall Configuration

P-660R/H-D Series User’s Guide

10.3.1 Denial of Service Attacks ......................................................................		100
10.4 Denial of Service ............................................................................................		100
10.4.1 Basics ...................................................................................................		100
10.4.2 Types of DoS Attacks ...........................................................................		101
	10.4.2.1 ICMP Vulnerability ......................................................................	103
	10.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................	103
	10.4.2.3 Traceroute ...................................................................................	104
10.5 Stateful Inspection ..........................................................................................		104
10.5.1 Stateful Inspection Process ..................................................................		105
10.5.2 Stateful Inspection and the Prestige .....................................................		106
10.5.3 TCP Security .........................................................................................		106
10.5.4 UDP/ICMP Security ..............................................................................		107
10.5.5 Upper Layer Protocols ..........................................................................		107
10.6 Guidelines for Enhancing Security with Your Firewall ....................................		107
10.6.1 Security In General ...............................................................................		108
10.7 Packet Filtering Vs Firewall ............................................................................		109
10.7.1 Packet Filtering: ....................................................................................		109
	10.7.1.1 When To Use Filtering .................................................................	109
10.7.2 Firewall .................................................................................................		109
	10.7.2.1 When To Use The Firewall ..........................................................	109
Chapter 11
Firewall Configuration .........................................................................................		112
11.1	Access Methods .............................................................................................	112
11.2	Firewall Policies Overview .............................................................................	112
11.3	Rule Logic Overview .....................................................................................	113
11.3.1 Rule Checklist .......................................................................................		113
11.3.2 Security Ramifications ..........................................................................		113
11.3.3 Key Fields For Configuring Rules .........................................................		114
	11.3.3.1 Action ...........................................................................................	114
	11.3.3.2 Service .........................................................................................	114
	11.3.3.3 Source Address ...........................................................................	114
	11.3.3.4 Destination Address ....................................................................	114
11.4	Connection Direction ......................................................................................	114
11.4.1 LAN to WAN Rules ................................................................................		114
11.4.2 Alerts .....................................................................................................		115
11.5	Configuring Default Firewall Policy ..............................................................	115
11.6	Rule Summary ..............................................................................................	116
11.6.1 Configuring Firewall Rules ..................................................................		118
11.7	Customized Services .....................................................................................	121
11.8	Configuring A Customized Service ...............................................................	121
11.9	Example Firewall Rule ....................................................................................	122
11.10 Predefined Services .....................................................................................		126

13	Table of Contents