Configure And Enable The Dmz Port - NETGEAR UTM9S Reference Manual

Configure and Enable the DMZ Port

The demilitarized zone (DMZ) is a network that, by default, has fewer firewall restrictions than
the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or email
server) and provide public access to them. The rightmost LAN port on the UTM can be
dedicated as a hardware DMZ port to safely provide services to the Internet without
compromising security on your LAN. On the UTM5, UTM10, UTM25, and UTM150, this is
LAN port 4; on the UTM50, this is LAN port 6.
By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling
the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN
ports.
Using a DMZ port is also helpful with online games and videoconferencing applications that
are incompatible with NAT. The UTM is programmed to recognize some of these applications
and to work correctly with them, but there are other applications that might not function well.
In some cases, local PCs can run the application correctly if those PCs are used on the DMZ
port.
Note: A separate firewall security profile is provided for the DMZ port that
is also physically independent of the standard firewall security
component that is used for the LAN.
The DMZ Setup screen lets you set up the DMZ port. It permits you to enable or disable the
hardware DMZ port (LAN port 4 or LAN port 6; see
page 22) and configure an IP address and subnet mask for the DMZ port.

To enable and configure the DMZ port:
1. Select Network Config > DMZ Setup. The DMZ Setup screen displays:
ProSecure Unified Threat Management (UTM) Appliance
LAN Configuration
Front Panel UTM5 and UTM10
112
on