Table of Contents
Advertisement
DSL-502G ADSL Router User's Guide
Advanced Filter & Firewall
One of the most important elements of any network security implementation is the firewall. Packet filtering is a
basic firewall security measure and should be used on any network that is exposed to security risk. A packet
filter system examines data packets and scrutinizes them in order to control network access. Filtering rules
determine whether packets are passed through the Router from either side of the gateway. The rules are created
and controlled by the network administrator and can be precisely defined. These rules are used to block access to
the LAN from outside the network and/or to deny access to the WAN from within the network. The Router uses
filtering rules to examine data packet headers for specific information. Packets passing through the Router that
do not meet the criteria specified by the rule set are dropped.
In order to improve network security without severely limiting network efficiency, it is important to carefully
plan the sets of access rules. Effective implementation of packet filtering requires detailed knowledge of network
services and communication protocols. An overly complicated filtering scheme can adversely effect routing
performance, while an inadequate set of rules may needlessly compromise security.
Packet filtering can be used in conjunction with NAT, port redirection and proxy servers to help provide basic
firewall protection. However, these measures do not address many security issues and should be used as only one
part of an overall network security strategy. It is important to remember that IP packet filtering examines only
the packet header and is not concerned with application information. Therefore, packet filtering does not protect
against higher-level security threats that may operate at the application or other level.
Filtering rules can be precisely defined based upon source and destination IP address, as well as port and
protocol information. Up to four filter sets can be used; each set contains up to sixteen filtering rules subsets.
Figure 24. Filter & Firewall Menu 1
The first Filter & Firewall menu lists the four filtering sets, each followed by an identifying comment. Below the
list are two drop-down menus. The filtering sets are sets of filtering rules defined in the menus shown below.
When you are finished defining the rules for each set, use the If not matched menu to select Pass or Block for
all the sets listed. From the IP Filter menu, select enabled or disabled to enable or disable the listed filtering sets.
When all the changes are made to the sets as you want them, click on the OK button. You can save the sets and
reboot the system now or continue to make other changes.
43
Advertisement
Table of Contents
