NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual page 99

Table 4-3. Inbound Rules Overview (continued)
Setting Description (or Subfield and Description)
WAN Users The settings that determine which Internet locations are covered by the rule, based
on their IP address. The options are:
• Any. All Internet IP address are covered by this rule.
• Single address. Enter the required address in the Start field.
• Address range. Fill in the Start and End fields.
DMZ Users The settings that determine which DMZ computers on the DMZ network are affected
by this rule. The options are:
• Any. All PCs and devices on your DMZ network.
• Single address. Enter the required address to apply the rule to a single PC on the
• Address range. Enter the required addresses in the Start and End fields to apply
Note: This field is not applicable to inbound DMZ WAN rules.
QoS Profile The priority assigned to IP packets of this service. The priorities are defined by "Type
of Service (ToS) in the Internet Protocol Suite" standards, RFC 1349. The QoS
profile determines the priority of a service, which, in turn, determines the quality of
that service for the traffic passing through the firewall.
The VPN firewall marks the Type of Service (ToS) field as defined in the QoS profiles
that you create. For more information, see
Profiles" on page
Note: There is no default QoS profile on the VPN firewall. After you have created a
QoS profile, it can become active only when you apply it to a non-blocking inbound or
outbound firewall rule.
Note: This field is not applicable to LAN DMZ rules.
Log The setting that determines whether packets covered by this rule are logged. The
options are:
• Always. Always log traffic considered by this rule, whether it matches or not. This
• Never. Never log traffic considered by this rule, whether it matches or not.
Bandwidth Profile Bandwidth limiting determines the way in which the data is sent to and from your
host. The purpose of bandwidth limiting is to provide a solution for limiting the
outgoing and incoming traffic, thus preventing the LAN users from consuming all the
bandwidth of the Internet link. Bandwidth limiting occurs in the following ways:
• For outbound traffic. On the available WAN interface in the single WAN port mode
• For inbound traffic. On the LAN interface for all WAN modes.
For more information, see
Note: Bandwidth limiting does not apply to the DMZ interface.
Firewall Protection
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
DMZ network.
the rule to a range of DMZ computers.
4-34.
is useful when you are debugging your rules.
and auto-rollover mode, and on the selected interface in load balancing mode.
v1.0, April 2010
"Creating Quality of Service (QoS)
"Creating Bandwidth Profiles" on page 4-37.
4-9