Firewall For Controlling Inbound And Outbound Traffic; DMZ For Public Websites And Services - Cisco WS-CE500 Administration Manual

SA500 Series Small Business Security Appliances

Getting Started
Common Configuration Scenarios
Cisco SA500 Series Security Appliances Administration Guide

Scenario 6: Firewall for Controlling Inbound and Outbound Traffic
By default, all outbound traffic is allowed and all inbound traffic is denied. If you
want to deny some outbound traffic or allow some inbound traffic, you will need to
configure a firewall rule. To prevent unwanted traffic from the Internet, and to
ensure that your employees are using the Internet for approved business
purposes, you can configure various levels of firewall rules. You can configure
rules that apply to a specified IP address, a range of IP addresses, or to everyone
globally.
Consider the following examples of firewall rules:
Block outbound traffic to certain websites
Restrict Internet access for certain users
Allow inbound traffic to your DMZ
Configure advanced NAT routing
For these scenarios and all situations in which you need an exception from the
default firewall policy, you need to configure firewall rules.
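An added example (not from the Cisco guide, and not the appliance's own logic): a Python model of the policy described above, with the default outbound-allow and inbound-deny behaviour and exception rules scoped to a single address, a range of addresses, or everyone. It assumes first-match rule ordering; the addresses, ports and the `Rule`, `decide` and `audit` names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Defaults stated in the guide: outbound traffic allowed, inbound traffic denied.
DEFAULT_ACTION = {"outbound": "allow", "inbound": "deny"}

@dataclass(frozen=True)
class Rule:
    direction: str               # "outbound" or "inbound"
    action: str                  # "allow" or "deny"
    src: str = "any"             # "any", a single IP, or a "first-last" range
    dst: str = "any"
    port: Optional[int] = None   # None means any service

def in_scope(scope: str, ip: str) -> bool:
    """Match an address against 'any', one IP, or an inclusive 'first-last' range."""
    if scope == "any":
        return True
    first, _, last = scope.partition("-")
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last or first)
    return lo <= ipaddress.ip_address(ip) <= hi

def decide(rules, direction, src, dst, port):
    """First matching rule wins (assumed ordering); otherwise the default applies."""
    for r in rules:
        if (r.direction == direction and in_scope(r.src, src)
                and in_scope(r.dst, dst) and r.port in (None, port)):
            return r.action
    return DEFAULT_ACTION[direction]

# Constructed rule set using documentation and private address ranges.
RULES = [
    # Restrict Internet access for certain users (a range of LAN addresses).
    Rule("outbound", "deny", src="192.168.75.100-192.168.75.120", port=80),
    # Block outbound traffic to a certain website (single destination).
    Rule("outbound", "deny", dst="203.0.113.50"),
    # Allow inbound traffic to one service on a DMZ host.
    Rule("inbound", "allow", dst="172.16.2.10", port=443),
]

def audit(rules, expectations):
    """Return (flow, expected, actual) for every flow the rule set decides differently."""
    mismatches = []
    for flow, expected in expectations:
        actual = decide(rules, *flow)
        if actual != expected:
            mismatches.append((flow, expected, actual))
    return mismatches
```

Running `audit` over a list of flows you expect to pass or fail is a quick way to review a planned rule set before entering it on the appliance.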
NOTE: The default WAN and LAN settings might be sufficient for your deployment, but
consider the steps outlined in Scenario 1: Basic Network Configuration with
Internet Access, page 26.
Configuration tasks for this scenario:
To start configuring your firewall rules, use the Firewall and NAT Rules links on the
Getting Started (Advanced) page. For more information, see Configuring Firewall
Rules to Control Inbound and Outbound Traffic, page 103.

Scenario 7: DMZ for Public Websites and Services
If your business hosts public services such as websites, you need a way to allow
access to those services without exposing your LAN. You can address this
concern by configuring the Optional port of the security appliance for use as a
DMZ (Demarcation Zone or Demilitarized Zone). This zone acts as a separate
network between your private LAN and the Internet. After you configure your
DMZ, you can configure the firewall rules that enable traffic to connect only to the
services that you specify.
