Chapter 14 Instant Firewall - Dell PowerConnect W-IAP3WN User Manual
Instant access point 6.1.3.4-3.1.0.0
Hide thumbs
Also See for PowerConnect W-IAP3WN:
- User manual (296 pages) ,
- Installation manual (2 pages) ,
- Manual (10 pages)
Table of Contents
Advertisement
A firewall is a system designed to prevent unauthorized internet users from accessing a private network connected
to the internet. It defines access rules and monitors all data entering or leaving the network and blocks data that
does not satisfy the specified security policies.
Dell Instant implements a Instant Firewall feature that uses a simplified firewall policy language. An
administrator can define the firewall policies on an SSID or wireless LAN such as the Guest network or an
Employee network. At the end of the authentication process, these policies are uniformly applied to users
connected to that network. The Instant Firewall gives you the flexibility to limit packets or bandwidth available to
a particular class of users. Instant Firewall manages packets according to the first rule the packet matches.
1. In the Networks tab, click the New link. The New WLAN window appears.
2. Navigate to Access tab to specify the access rules for the network.
3. Slide to Network-based using the scroll bar and click New to add a new rule.
The New Rule window consists of the following options:
Rule type— Select the rule type (Access control, VLAN assignment) from the drop-down list.
Action— Select Allow or Deny from the drop-down list to allow or deny traffic with the specified service type
and destination.
Log— Select this checkbox if you want a log entry to be created when this rule is triggered. Instant firewall
supports firewall based logging function. Firewall logs on IAP are generated as syslog messages.
Blacklist— Select this checkbox if you want the client to be blacklisted when this rule is triggered. The
blacklisting will last for the duration specified as Auth failure blacklist time on the Blacklisting tab of the PEF
window. See
Classify media— Select this checkbox if you want to prioritize video and voice traffic. When enabled, deep
packet inspection is performed on all non-NATed traffic, and the traffic is marked as follows:
Video: Priority 5 (Critical)
Voice: Priority 6 (Internetwork Control)
Disable scanning— Select this checkbox if you want ARM scanning to be paused when this rule is triggered,
to optimize performance.
NOTE: This feature only takes effect if ARM scanning is enabled, from the ARM tab of the RF dialog.
DSCP tag— Select this checkbox if you want to specify a DSCP value to prioritize traffic when this rule is
triggered. Specify a value between 0 and 63. The higher the value, the higher the priority.
802.1p priority— Select this checkbox if you want to specify an 802.1p priority. Specify a value between 0 and
7. The higher the value, the higher the priority.
Dell PowerConnect W-Series Instant Access Point 6.1.3.4-3.1.0.0 | User Guide
"Client Blacklisting" on page 223
Chapter 14
Instant Firewall
for more information.
Instant Firewall | 147
Advertisement
Table of Contents
