Firewall Overview - McAfee SG310 Administration Manual

Firewall menu options

Firewall overview

Incoming Access – Packets destined for the appliance (Inputs) are processed by Incoming Access rules.
See Incoming
Access Control – All other packets travelling through the appliance (Forwards) that are not blocked by
packet filtering are turned over to access control. For details, see
Note: Web list, content filtering, antivirus and antispam use proxies. When these options are enabled, the forward
packet filter rules do not apply. Access control functions are performed by the proxy. See
Web Gateway web filtering
IPS – If IPS is enabled, packets pass to IPS after handling by Access Control mechanisms. For details, see
Intrusion Detection
Source NAT – If Source NAT is enabled, the UTM Firewall device replaces the source IP address of a
packet with another IP address, such as hiding your private network behind the public address of the UTM
Firewall unit. See
Firewall overview
The UTM Firewall appliance is equipped with a fully-featured firewall. The firewall allows you to control both
incoming and outgoing access so that PCs on local networks can have tailored Internet access facilities
while being shielded from malicious attacks from external networks. The stateful firewall of the appliance
keeps track of outgoing connections, such as a PC on your LAN requesting content from a server on the
Internet, and only allows corresponding incoming traffic, such as the server on the Internet sending the
requested content to the PC. By default, your appliance allows network traffic as shown in
Table 11 Default network traffic
Incoming Interface
LAN
VPN
Dial-in
DMZ
DMZ
Internet
Guest
Sometimes it is useful to allow some incoming connections; for example, if you have a mail or Web server
on your LAN or DMZ that you want to be accessible from the Internet. This is accomplished using a
combination of NAT and packet filter rules. The Management Console provides a powerful interface for
tailoring the firewall to your network.
The Firewall menu contains the following topics for its menu options (some models do not have all menu
options):
• Definitions
• Packet filtering
• NAT
• Connection tracking
• Intrusion Detection Systems
• Access control
• Antivirus
• Antispam (TrustedSource)
McAfee UTM Firewall 4.0.4 Administration Guide
access.
service, Antivirus, and
Systems.
About masquerading and source
Outgoing Interface
Any
Any
Any
Internet
Any except Internet
Any
Any
Access
Antispam (TrustedSource)
NAT.
Action
Accept
Accept
Accept
Accept
Drop
Drop
Drop
control.
Web Lists tab,
for more details.
Table 11.
McAfee
151