Security Level - Mitel 3000 Manual

Mitel 3000
Broadband Module Manual

Security Level

There are four pre-defined security levels (high, medium, low and none) that contain different
security filters for each interface (WAN/LAN, WAN/DMZ, DMZ/LAN). When "None" is
selected, all traffic is blocked. Additional filters can be added to each security level as
required.
The default setting is High Security Level.
The Medium Security level has additional filters. For example it is set up to allow access to a
web server or a mail server on the DMZ from the External interface.
The Low Security level adds more filters. For example, as well as allowing access to a web
server or a mail server on the DMZ, it also allows Telnet and FTP access from the External
interface.
The pre-defined security configurations are:
High Security Level
(from any source IP address or
any source port)
Service Destination Port
ICMP N/A
Any TCP
Any UDP
RMCP TCP
TCP
ISAKMP UDP
SSL TCP
Kerberos TCP
Kerberos UDP
HTTP TCP
DNS UDP
Telnet TCP
SMTP TCP
POP3 TCP
FTP TCP
SSH TCP
SIP UDP
IPT TCP
Medium Security Level
(from any source IP address or
any source port)
Service Destination Port
ICMP N/A
Any TCP
Any UDP
RMCP TCP
TCP
ISAKMP UDP
SSL TCP
Kerberos TCP
Kerberos UDP
HTTP TCP
64
External
<>
Internal
In
N/A F
0 -65535 F
0 - 65535 F
50 F
51 F
500 F
443 F
88 F
88 F
80 F
53 F
23 F
25 F
110 F
21 F
22 F
5060 - 6000 T
5566 T
External
<>
Internal
In
N/A F
0 - 65535 F
0 - 65535 F
50 F
51 F
500 F
443 F
88 F
88 F
80 F
External
<>
DMZ
Out In Out
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T T T
T T T
T F T
T F T
T F T
T F T
T T T
T T T
T T T
External
<>
DMZ
Out In Out
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T F T
T T T
DMZ
<>
Internal
In Out
F T
F T
F T
T F
T F
T F
T F
T F
T F
F T
T T
F T
F T
F T
F T
T F
T T
T T
DMZ
<>
Internal
In Out
F T
F T
F T
T F
T F
T F
T F
T F
T F
F T