ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
•
WAN side: 1000 Mbps (one WAN port at 1000 Mbps)
In practice, the WAN side bandwidth capacity will be much lower when DSL or cable modems are
used to connect to the Internet. As a result and depending on the traffic being carried, the WAN
side of the firewall will be the limiting factor to throughput for most installations.
Features that Reduce Traffic
Features of the VPN firewall that can be called upon to decrease WAN-side loading are as follows:
•
Service blocking
•
Block sites
•
Source MAC filtering
Service Blocking
You can control specific outbound traffic (from LAN to WAN). Outbound Services lists all
existing rules for outbound traffic. If you have not defined any rules, only the default rule will be
listed. The default rule allows all outgoing traffic.
Warning: This feature is for Advanced Administrators only! Incorrect configuration
will cause serious problems.
Each rule lets you specify the desired action for the connections covered by the rule:
•
BLOCK always
•
BLOCK by schedule, otherwise Allow
•
ALLOW always
•
ALLOW by schedule, otherwise Block
As you define your firewall rules, you can further refine the application according to the following
criteria:
•
LAN Users. These settings determine which computers on your network are affected by this
rule. Select the desired options:
–
Any. All PCs and devices on your LAN.
–
Single address. The rule will be applied to the address of a particular PC.
–
Address range. The rule is applied to a range of addresses.
9-2
v1.0, October 2008
Firewall and Network Management