Wireless Firewall; Defining A Firewall Configuration - Motorola Solutions WiNG 5.2.6 Reference Manual

7 - 2 WiNG 5.2.6 Access Point System Reference Guide

7.1 Wireless Firewall

A Firewall is a mechanism enforcing access control, and is considered a first line of defense in protecting proprietary
information within the wireless network. The means by which this is accomplished varies, but in principle, a Firewall
can be thought of as mechanisms both blocking and permitting data traffic within the wireless network. Firewalls
implement uniquely defined access control policies, so if you don't have an idea of what kind of access to allow or
deny, a Firewall is of little value, and in fact could provide a false sense of security.
With Motorola Solutions' access points, Firewalls are configured to protect against unauthenticated logins from
outside the wireless network. This helps prevent hackers from accessing wireless clients within the access point
managed network. Well designed Firewalls block traffic from outside the network, but permit authorized users to
communicate freely outside the network.
Firewalls can be implemented in both hardware and software, or a combination of both. All messages entering or
leaving the wireless network pass through the Firewall, which examines each message and blocks those not meeting
the defined security criteria (rules).
Firewall rules define traffic permitted or denied within the wireless network. Rules are processed by a Firewall device
from first to last. When a rule matches the network traffic an access point is processing, the Firewall uses that rule's
action to determine whether traffic is allowed or denied.
Rules comprise conditions and actions. A condition describes a packet traffic stream. Define constraints on the source
and destination device, the service (for example, protocols and ports), and the incoming interface. An action describes
what should occur to packets matching set conditions. For example, if the packet stream meets all conditions, traffic
is permitted, authenticated and sent to the destination device.
Additionally, IP and MAC rule based Firewall filtering can be deployed to apply Firewall policies to traffic being
bridged by radios. IP and MAC filtering can be employed to permit or restrict traffic exchanged between hosts, hosts
residing on separate WLANs or hosts forwarding traffic to wired devices.
For more information, refer to the following:
•

Defining a Firewall Configuration

• Configuring IP Firewall Rules
• Configuring MAC Firewall Rules
7.1.1 Defining a Firewall Configuration

Wireless Firewall
To configure a Firewall:
1. Select Configuration
The Wireless Firewall
the single Firewall policy used by the access point and its connected devices. The Denial of Service tab displays
be default.
> Security > Wireless Firewall
screen lists Denial of Service, Storm Control and Advanced Setting tabs used to create
to display existing Firewall policies.