Configuring Policies For The Optional Network; Controlling Traffic From The Trusted To Optional Network - Watchguard Firebox X20E User Manual

Configuring Policies for the Optional Network

Click Submit.
11
Configuring Policies for the Optional Network
By default, the Firebox® X Edge e-Series allows all traffic that starts in the trusted network and tries to
go to the optional network, and denies all traffic that starts in the optional network and tries to go to
the trusted network.
Here are some examples of how you can use the optional network:
You can use the optional network for servers that the external network can get to. This helps to
•
protect the trusted network, because no traffic is allowed to the trusted network from the
optional network when the Firebox X Edge is in default configuration.
When computers are accessible from the external network, they are more vulnerable to attack. If
your public web or FTP server on the optional network is hacked or compromised, the attacker
cannot get access to your trusted network.
You can use the optional network to secure a wireless network. Wireless networks are usually less
•
secure than wired networks. If you have a wireless access point (WAP) or a Firebox X Edge
Wireless, you can increase the security of your trusted network by keeping the WAP on the
optional network.
You can use the optional network to have a different network IP address range that is allowed to
•
communicate with the trusted network. See the section "Disabling Traffic Filters, " below.

Controlling traffic from the trusted to optional network

Do these steps to control traffic that goes from the trusted network to the optional network:
To connect to the System Status page, type https:// in the browser address bar, and the IP
1
address of the Firebox X Edge trusted interface.
The default URL is: https://192.168.111.1
From the navigation bar, select Firewall > Optional.
2
The Filter Outgoing Traffic to Optional Network page appears.
100 Firebox X Edge e-Series