Chapter 19 Firewall

Your customized rules take precedence and override the ZyWALL’s default settings. The ZyWALL checks the schedule, user name (user’s login name on the ZyWALL), source IP address, destination IP address and IP protocol type of network traffic against the firewall rules (in the order you list them). When the traffic matches a rule, the ZyWALL takes the action specified in the rule.

For example, if you want to allow a specific user from any computer to access one zone by logging in to the ZyWALL, you can set up a rule based on the user name only. If you also apply a schedule to the firewall rule, the user can only access the network at the scheduled time. A user-aware firewall rule is activated whenever the user logs in to the ZyWALL and will be disabled after the user logs out of the ZyWALL.

19.2 Firewall Rules

Firewall rules are grouped based on the direction of travel of packets to which they apply.


The LAN, WAN, and DMZ zones are default zones. Refer to Chapter 14 on page 245 for more information on zones.

If you create a new zone, there is no default firewall rule for it and any packets sent to or from the new zone are allowed.
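The two behaviours described above, first-match evaluation of custom rules ahead of the defaults (with schedule and user-login conditions), and the absence of any default rule for a newly created zone, can be traced through in a small simulator. The following Python is an added illustration written for this chapter, not ZyWALL firmware or Zyxel code; the rule and packet fields, the helper names, and the "default policy" it ships with are all constructed assumptions, and the guide's actual default-rule table is not reproduced.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, time
from typing import List, Optional, Set, Tuple

# Added example: a first-match rule evaluator modelled on the semantics the
# guide describes (schedule, user, source, destination, protocol, checked in
# listed order). Not ZyWALL firmware; every name and value here is constructed.

ANY = None  # wildcard value for any rule field


@dataclass
class Rule:
    action: str                                  # "allow" or "deny"
    from_zone: Optional[str] = ANY
    to_zone: Optional[str] = ANY
    user: Optional[str] = ANY                    # login name on the firewall, or ANY
    src: Optional[str] = ANY                     # CIDR string, or ANY
    dst: Optional[str] = ANY
    protocol: Optional[str] = ANY                # "tcp" / "udp" / "icmp", or ANY
    schedule: Optional[Tuple[time, time]] = ANY  # daily window, or ANY (always on)


@dataclass
class Packet:
    from_zone: str
    to_zone: str
    src: str
    dst: str
    protocol: str
    at: datetime


def _in_net(addr: str, cidr: Optional[str]) -> bool:
    return cidr is ANY or ipaddress.ip_address(addr) in ipaddress.ip_network(cidr, strict=False)


def rule_matches(rule: Rule, pkt: Packet, user_of_src: Optional[str], logged_in: Set[str]) -> bool:
    """True when every populated field of the rule matches the packet.
    A user-aware rule is only active while that user is logged in."""
    if rule.schedule is not ANY:
        start, end = rule.schedule
        if not (start <= pkt.at.time() <= end):
            return False
    if rule.user is not ANY and (rule.user not in logged_in or user_of_src != rule.user):
        return False
    if rule.from_zone is not ANY and rule.from_zone != pkt.from_zone:
        return False
    if rule.to_zone is not ANY and rule.to_zone != pkt.to_zone:
        return False
    if not _in_net(pkt.src, rule.src) or not _in_net(pkt.dst, rule.dst):
        return False
    if rule.protocol is not ANY and rule.protocol != pkt.protocol:
        return False
    return True


# Constructed sample default policy for the default zones (NOT the guide's table).
# Each entry names a specific zone pair, so traffic involving a zone with no
# entry, such as a newly created zone, matches nothing and falls through.
DEFAULT_RULES: List[Rule] = [
    Rule("allow", from_zone="LAN", to_zone="WAN"),
    Rule("allow", from_zone="LAN", to_zone="DMZ"),
    Rule("deny", from_zone="WAN", to_zone="LAN"),
    Rule("deny", from_zone="WAN", to_zone="DMZ"),
    Rule("deny", from_zone="DMZ", to_zone="LAN"),
    Rule("allow", from_zone="DMZ", to_zone="WAN"),
]


def decide(custom_rules: List[Rule], pkt: Packet, user_of_src: Optional[str] = None,
           logged_in: Set[str] = frozenset()) -> str:
    """Custom rules first (they override the defaults), then the default rules;
    the first match decides. No match at all means the packet is allowed, which
    is the behaviour the guide describes for zones that have no default rule."""
    for rule in list(custom_rules) + DEFAULT_RULES:
        if rule_matches(rule, pkt, user_of_src, logged_in):
            return rule.action
    return "allow"


def sample_policy() -> List[Rule]:
    """Constructed custom rules: a user-aware, scheduled rule and a static-port rule."""
    office_hours = (time(9, 0), time(17, 0))
    return [
        # Rule 1: user "alice" may reach the DMZ from any address, office hours only.
        Rule("allow", to_zone="DMZ", user="alice", schedule=office_hours),
        # Rule 2: HTTPS (static port, so the firewall can match it) from the Internet
        # to one DMZ web server; overrides the default WAN-to-DMZ deny above.
        Rule("allow", from_zone="WAN", to_zone="DMZ", dst="203.0.113.10/32", protocol="tcp"),
    ]


def sample_packet(from_zone: str, to_zone: str, src: str, dst: str, protocol: str, hour: int) -> Packet:
    """Constructed packet at a fixed date so only the hour matters for the schedule."""
    return Packet(from_zone, to_zone, src, dst, protocol, datetime(2024, 1, 15, hour, 0))


if __name__ == "__main__":
    policy = sample_policy()
    web = sample_packet("WAN", "DMZ", "198.51.100.7", "203.0.113.10", "tcp", 3)
    print("WAN->DMZ web server, any time:", decide(policy, web))           # allow (rule 2)
    other = sample_packet("WAN", "DMZ", "198.51.100.7", "203.0.113.20", "udp", 10)
    print("WAN->DMZ other host, alice logged in:", decide(policy, other, "alice", {"alice"}))  # allow (rule 1)
    print("same, alice logged out:", decide(policy, other, "alice", set()))  # deny (default)
    guest = sample_packet("WAN", "GUEST", "198.51.100.7", "10.9.9.9", "tcp", 10)
    print("WAN->new zone GUEST, no rule:", decide(policy, guest))          # allow (fall-through)
```

The fall-through case is the one worth checking in a real deployment: because a new zone has no default rule, the effective policy for it is allow until you add an explicit rule, so a deny rule for the new zone belongs in your rule list before traffic is routed to it.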

19.2.1 Rule Directions

The following table shows you the default firewall rules that inspect packets going through the ZyWALL.

The ZyWALL checks the firewall rules before the application patrol rules for traffic going through the ZyWALL.

If you want to use a service, make sure both the firewall and application patrol allow the service’s packets to go through the ZyWALL.

You can use the firewall to block a service with a static port number. To block a service using a flexible/dynamic port number by inspecting the service’s packets, you need to use application patrol. See the chapter about application patrol for more information.

278


ZyWALL USG 1000 User’s Guide