Outbound Dmz Traffic Options - D-Link NetDefend SOHO DFL-160 User Manual

NetDefend SOHO UTM firewall

4.2. Outbound DMZ Traffic Options

The Meaning of Outbound
These options determine what types of traffic can pass between the DMZ network and the WAN
interface when the connection is initiated by a client or host on the DMZ network.
For instance, the retrieval of data from a web server on the public Internet is still considered part of
outbound traffic if the retrieval request is initiated by a web surfer sitting on the DMZ network.
The options on this page of the web interface follow the same pattern as those for the LAN
interface described in Section 4.1, "Outbound LAN Traffic Options", although there are some
differences.
Allowing Services
A Service refers to a higher-level protocol, such as the HTTP protocol used for web surfing, and is a
convenient way of identifying different types of data traffic. The presentation of the first few
choices in the web interface is shown below.
By default, all services are allowed, that is to say, no connections initiated from the DMZ network
are blocked.
It is recommended, however, to impose restrictions that match the expected needs of the
clients and hosts on the DMZ network.
Connections from the DMZ to the LAN
Connections initiated from the DMZ network to hosts on the LAN network are never allowed.
The opposite direction, however, is always permitted: connections initiated by hosts on the LAN
network are always allowed to the DMZ network.
This arrangement prevents a host that becomes infected on the DMZ from spreading the problem to the
LAN network. It implements one of the prime purposes of the DMZ, which is to be a network
where hosts that receive connections from the public Internet can be placed.
Specifying Custom Traffic
By clicking the Custom Traffic tab and then selecting Add > Custom Traffic, it is possible to
allow through a protocol not specified in the pre-defined list.
For a custom protocol it is necessary to specify whether the protocol uses TCP or UDP connections or
both, and to specify the port number that the protocol will try to connect to at the other end of the
connection. The presentation of the new custom rule options in the web interface is shown below.
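
Apart from the web interface screens referred to above, the following Python model is an added example (not D-Link code or firmware behaviour) of the rules in this section; it lists which observed DMZ-initiated connections a proposed service restriction would begin to block. The subnets, the proposed service list (including one custom UDP rule) and the sample flows are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Assumed addressing (constructed); substitute the real LAN and DMZ subnets.
ZONES = {"lan": ip_network("192.168.10.0/24"), "dmz": ip_network("172.17.100.0/24")}

def zone_of(addr):
    """Map an address to lan/dmz; anything else is treated as the WAN side."""
    ip = ip_address(addr)
    return next((z for z, net in ZONES.items() if ip in net), "wan")

def allowed(flow, services=None):
    """flow = (initiator, responder, proto, dst_port).
    services=None models the default (every DMZ-initiated service allowed);
    otherwise a set of (proto, port) pairs, where 'both' covers tcp and udp."""
    src, dst, proto, port = flow
    s, d = zone_of(src), zone_of(dst)
    if (s, d) == ("dmz", "lan"):
        return False  # DMZ-initiated connections to the LAN are never allowed
    if (s, d) == ("lan", "dmz"):
        return True   # LAN-initiated connections to the DMZ are always allowed
    if (s, d) == ("dmz", "wan"):
        return services is None or (proto, port) in services or ("both", port) in services
    raise ValueError("flow is outside the scope of this section")

def would_block(flows, services):
    """DMZ-to-WAN flows that pass under the default but not under `services`."""
    return [f for f in flows if zone_of(f[0]) == "dmz" and zone_of(f[1]) == "wan"
            and not allowed(f, services)]

# Proposed restriction (constructed): HTTP, HTTPS, DNS, plus a custom UDP/123 rule.
PROPOSED = {("tcp", 80), ("tcp", 443), ("both", 53), ("udp", 123)}

# Constructed sample of observed connections: (initiator, responder, proto, port).
OBSERVED = [
    ("172.17.100.10", "203.0.113.5", "tcp", 443),
    ("172.17.100.10", "198.51.100.53", "udp", 53),
    ("172.17.100.20", "203.0.113.77", "tcp", 6667),
    ("172.17.100.20", "192.168.10.15", "tcp", 445),
    ("192.168.10.15", "172.17.100.10", "tcp", 22),
]

if __name__ == "__main__":
    for f in would_block(OBSERVED, PROPOSED):
        print("would be blocked after restriction:", f)
```

Running such a check against real connection records before tightening the service list shows which DMZ hosts depend on services that are about to be removed.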
Chapter 4. The Firewall Menu
