Outbound Lan Traffic Options - D-Link NetDefend SOHO DFL-160 User Manual

Netdefend soho utm firewall

Hide thumbs Also See for NetDefend SOHO DFL-160:

Reference manual (356 pages)

Quick installation manual (61 pages)

Quick installation manual (33 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

Table of Contents

4.1. Outbound LAN Traffic Options

•

Anti-Virus scanning can be enabled for file downloads.

•

Intrusion Detection and Prevention (IDP) can be enabled to search streams of traffic for threats

against internal resources.

•

Time schedules can be set up which can be then used to specify the times when security policies

are applied.

•

Lists of users that are allowed to access protected resources can be specified.

The sections that follow describe the options in this menu in the order they appear.

4.1. Outbound LAN Traffic Options

The Meaning of Outbound

These options determine what types of traffic can pass between the LAN network on the protected

"inside" of the DFL-160 and the WAN interface when the connection is initiated by a client or host

on the LAN network.

For instance, the retrieval of data from a web server on the public Internet is still considered part of

outbound traffic if the retrieval request is initiated by a web surfer sitting on the LAN network.

Allowing Services

A Service refers to a higher level protocol such as the HTTP protocol used for web surfing and is a

convenient way of identifying different types of data traffic. The presentation of the first few

choices in the web interface is shown below.

By default, all services are allowed, that is to say, no connections initiated from the LAN network

are blocked.

It is recommended, however, to try and impose restrictions that match the expected needs of the

clients and hosts on the LAN network. For instance, selecting only the HTTP and HTTPS protocols

allows only web surfing to take place from the LAN network and other protocols such as FTP will

not be allowed.

Connections from the LAN to the DMZ

Connections initiated from the LAN network to hosts on the DMZ network are always allowed.

However, the opposite is never true: connections initiated by hosts on the DMZ network are never

allowed to the LAN network.

This arrangement prevents a host that becomes infected on the DMZ spreading the problem to the

LAN network.

Specifying Custom Traffic

Chapter 4. The Firewall Menu

Table of Contents

Outbound Lan Traffic Options - D-Link NetDefend SOHO DFL-160 User Manual

4.1. Outbound LAN Traffic Options

Troubleshooting

Related Manuals for D-Link NetDefend SOHO DFL-160

Related Content for D-Link NetDefend SOHO DFL-160

Table of Contents