ZyXEL Communications P-661HW Chapter, Chapter, Firewall Configuration

	P-661H/HW Series User’s Guide
Chapter 8
Firewalls................................................................................................................		145
8.1	Firewall Overview ............................................................................................	145
8.2	Types of Firewalls ............................................................................................	145
	8.2.1 Packet Filtering Firewalls ........................................................................	145
	8.2.2 Application-level Firewalls ......................................................................	146
	8.2.3 Stateful Inspection Firewalls ...................................................................	146
8.3	Introduction to ZyXEL’s Firewall .......................................................................	146
	8.3.1 Denial of Service Attacks ........................................................................	147
8.4	Denial of Service ..............................................................................................	147
	8.4.1 Basics .....................................................................................................	147
	8.4.2 Types of DoS Attacks .............................................................................	148
	8.4.2.1 ICMP Vulnerability ........................................................................	150
	8.4.2.2 Illegal Commands (NetBIOS and SMTP) ......................................	150
	8.4.2.3 Traceroute .....................................................................................	151
8.5	Stateful Inspection ............................................................................................	151
	8.5.1 Stateful Inspection Process ....................................................................	152
	8.5.2 Stateful Inspection and the ZyXEL Device ..............................................	152
	8.5.3 TCP Security ...........................................................................................	153
	8.5.4 UDP/ICMP Security ................................................................................	153
	8.5.5 Upper Layer Protocols ............................................................................	154
8.6	Guidelines for Enhancing Security with Your Firewall ......................................	154
	8.6.1 Security In General .................................................................................	154
8.7	Packet Filtering Vs Firewall ..............................................................................	155
	8.7.1 Packet Filtering: ......................................................................................	155
	8.7.1.1 When To Use Filtering ...................................................................	156
	8.7.2 Firewall ...................................................................................................	156
	8.7.2.1 When To Use The Firewall ............................................................	156
Chapter 9
Firewall Configuration .........................................................................................		157
9.1	Access Methods ...............................................................................................	157
9.2	Firewall Policies Overview ...............................................................................	157
9.3	Rule Logic Overview ........................................................................................	158
	9.3.1 Rule Checklist .........................................................................................	158
	9.3.2 Security Ramifications ............................................................................	158
	9.3.3 Key Fields For Configuring Rules ...........................................................	159
	9.3.3.1 Action ............................................................................................	159
	9.3.3.2 Service ..........................................................................................	159
	9.3.3.3 Source Address .............................................................................	159
	9.3.3.4 Destination Address ......................................................................	159
9.4	Connection Direction ........................................................................................	159
	9.4.1 LAN to WAN Rules .................................................................................	160

Table of Contents