Firewall; Figure 182 Default Firewall Action - ZyXEL Communications Unified Security Gateway ZyWALL 300 User Manual

C
H A P T E R
This chapter introduces the ZyWALL's firewall and shows you how to configure your
ZyWALL's firewall.See
19.1 Firewall Overview
The ZyWALL's firewall is a stateful inspection firewall. The ZyWALL restricts access by
screening data packets against defined access rules. It can also inspect sessions. For example,
traffic from one zone is not allowed unless it is initiated by a computer in another zone first.
A zone is a group of interfaces or VPN tunnels. Group the ZyWALL's interfaces into different
zones based on your needs. You can configure firewall rules for data passing between zones or
even between interfaces and/or VPN tunnels in a zone.
The following figure shows the ZyWALL's default firewall rules in action as well as
demonstrates how stateful inspection works. User 1 can initiate a Telnet session from within
the LAN zone and responses to this request are allowed. However, other Telnet traffic initiated
from the WAN or DMZ zone and destined for the LAN zone is blocked. Communications
between the WAN and the DMZ zones are allowed. The firewall allows VPN traffic between
any of the networks.

Figure 182 Default Firewall Action

ZyWALL USG 300 User's Guide
Section 5.4.12 on page 118
19

Firewall

for related information on these screens.
277