Firewall; Dmz; Port Triggering; Wireless Security - Motorola Wireless Cable Modem Gateway SBG1000 User Manual

Overview Installation Troubleshooting Contact

Firewall

The SBG1000 firewall protects the SBG1000 LAN from undesired attacks and other intrusions from the Internet. It
provides an advanced integrated
denial-of-service attack prevention. The firewall:
•
Maintains state data for every
•
Monitors all incoming and outgoing packets, applies the firewall policy to each one, and screens for improper
packets and intrusion attempts
•
Provides comprehensive logging for all:
— User authentications
— Rejected internal and external connection requests
— Session creation and termination
— Outside attacks (intrusion detection)
You can configure the firewall filters to set rules for port usage. For information about choosing a predefined
firewall policy template, see

DMZ

A de-militarized zone (DMZ) is one or more computers logically located outside the firewall between an SBG1000
LAN and the Internet. A DMZ prevents direct access by outside users to private data.
For example, you can set up a web server on a DMZ computer to enable outside users to access your website
without exposing confidential data on your network.
A DMZ can also be useful to play interactive games that may have a problem running through a firewall. You can
leave a computer used for gaming only exposed to the Internet while protecting the rest of your network. For more
information, see "Gaming Configuration

Port Triggering

When you run a PC application that accesses the Internet, it typically initiates communications with a computer on
the Internet. In some applications, especially gaming, the computer on the Internet also initiates communications
with your PC. Because NAT does not normally allow these incoming connections to occur, the SBG1000 supports
port triggering.
The SBG1000 is preconfigured with port triggering for common applications. You can also configure additional
port triggers if needed on the

Wireless Security

Because wireless LAN signals are transmitted using radio signals, it may be possible for your neighbor or
someone else you do not want to access your wireless LAN. To prevent unauthorized eavesdropping of data
transmitted over the wireless LAN, you must enable wireless security. The default SBG1000 settings provide no
security for transmitted data.
The SBG1000 enables you to use the following wireless security measures:
•
Restrict access to computers having the same unique network name as the SBG1000.
•
Encrypt data transmitted over the wireless interface by configuring a Wired Equivalency Privacy (WEP) key
on the SBG1000 and wireless LAN clients (stations).
•
Define a MAC access control list to restrict wireless LAN access to clients based on the MAC address.
Home Print
Configuration: Basic Gateway TCP/IP Wireless Print Server USB
stateful-inspection
TCP/IP session on the
"Setting the Firewall Policy".
Guidelines".
Gateway > PORT TRIGGERS — custom
X
17
Exit
FAQ
firewall supporting intrusion detection, session tracking, and
OSI network and transport layers
Page.
SBG1000 User Guide
Specifications Glossary License