1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Gateway
  5. P-793H v3
  6. User manual

Guidelines For Enhancing Security With Your Firewall - ZyXEL Communications P-793H v3 User Manual

P-79x series g.shdsl.bis broadband gateway
Hide thumbs Also See for P-793H v3:
Table of Contents

Advertisement

• LAN to WAN
These rules specify which computers on the LAN can access which computers or services on the
WAN.
By default, the P-79X's stateful packet inspection drops packets traveling in the following
directions:
• WAN to LAN
These rules specify which computers on the WAN can access which computers or services on the
LAN.
Note: You also need to configure NAT port forwarding (or full featured NAT address
mapping rules) to allow computers on the WAN to access devices on the LAN.
• WAN to WAN/ Router
By default the P-79X stops computers on the WAN from managing the P-79X or using the P-79X
as a gateway to communicate with other computers on the WAN. You could configure one of
these rules to allow a WAN computer to manage the P-79X.
Note: You also need to configure the remote management settings to allow a WAN
computer to manage the P-79X.
You may define additional rules and sets or modify existing ones but please exercise extreme
caution in doing so.
For example, you may create rules to:
• Block certain types of traffic, such as IRC (Internet Relay Chat), from the LAN to the Internet.
• Allow certain types of traffic, such as Lotus Notes database synchronization, from specific hosts
on the Internet to specific hosts on the LAN.
• Allow everyone except your competitors to access a web server.
• Restrict use of certain protocols, such as Telnet, to authorized users on the LAN.
These custom rules work by comparing the source IP address, destination IP address and IP
protocol type of network traffic to rules set by the administrator. Your customized rules take
precedence and override the P-79X's default rules.

10.5.2 Guidelines For Enhancing Security With Your Firewall

Change the default password via web configurator.
1
Think about access control before you connect to the network in any way.
2
Limit who can access your router.
3
Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled service could
4
present a potential security risk. A determined hacker might be able to find creative ways to misuse
the enabled services to access the firewall or the network.
For local services that are enabled, protect against misuse. Protect by configuring the services to
5
communicate only with specific peers, and protect by configuring rules to block packets for the
services at specific interfaces.
Chapter 10 Firewalls
P-79X Series User's Guide
111
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications P-793H v3

Related Content for ZyXEL Communications P-793H v3

This manual is also suitable for:

P-792h v3P-791r v3

Table of Contents