Blocking Internet Sites (Content Filtering) - NETGEAR FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router Reference Manual

Prosafe gigabit 8 port vpn firewall

Hide thumbs Also See for FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router:

Reference manual (422 pages)

Datasheet (3 pages)

Installation manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

Table of Contents

•

VPN Pass through—When the FVS318G is in NAT mode, all packets going to the Remote

VPN Gateway are first filtered through NAT and then encrypted per the VPN policy.

If a VPN client or gateway on the LAN side of the VPN firewall wants to connect to another

VPN endpoint on the WAN, with the FVS318G between the two VPN end points, all

encrypted packets will be sent to the FVS318G. Since the FVS318G filters the encrypted

packets through NAT, the packets become invalid.

IPSec, PPTP, and L2TP represent different types of VPN tunnels that can pass through the

FVS318G. To allow the VPN traffic to pass through without filtering, enable those options for

the type of tunnel(s) that will pass through the FVS318G.

Blocking Internet Sites (Content Filtering)

To restrict internal LAN users from access to certain sites on the Internet, you can use the VPN

firewall router's Content Filtering and Web Components filtering. By default, these features are

disabled; all requested traffic from any Web site is allowed. If you enable one or more of these

features and users try to access a blocked site, they will see a "Blocked by NETGEAR" message.

Several types of blocking are available:

•

Web Components blocking. You can filter the following Web Component types: Proxy,

Java, ActiveX, and Cookies. For example, by enabling Java filtering, "Java" files will be

blocked. Certain commonly used web components can be blocked for increased security.

Some of these components are can be used by malicious websites to infect computers that

access them.

–

Proxy. A proxy server (or simply, proxy) allows computers to route connections to other

computers through the proxy, thus circumventing certain firewall rules. For example, if

connections to a specific IP address are blocked by a firewall rule, the requests can be

routed through a proxy that is not blocked by the rule, rendering the restriction ineffective.

Enabling this feature blocks proxy servers.

–

Java. Blocks java applets from being downloaded from pages that contain them. Java

applets are small programs embedded in web pages that enable dynamic functionality of

the page. A malicious applet can be used to compromise or infect computers. Enabling this

setting blocks Java applets from being downloaded.

–

ActiveX. Similar to Java applets, ActiveX controls install on a Windows computer

running Internet Explorer. A malicious ActiveX control can be used to compromise or

infect computers. Enabling this setting blocks ActiveX applets from being downloaded.

Firewall Protection and Content Filtering

ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

1.1 November, 2009

4-21

Table of Contents

Blocking Internet Sites (Content Filtering) - NETGEAR FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router Reference Manual

Blocking Internet Sites (Content Filtering)

Troubleshooting

Related Manuals for NETGEAR FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router

Related Content for NETGEAR FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router

Table of Contents