Additional Features; Security; Firewall; Settings - ZyXEL Communications Gateway 400 User Manual

Gateway 400 User Guide | Configuration
5.6.3

Additional Features

5.6.3.1 Additional Features
Quagga

Quagga is an open source service that offers management of dynamic routing protocols such as
OSPF or BGP. It consists of a core component named Zebra, which applies routing information to
your system.
In addition, there are two further components (OSPF, BGP), which receive routing information from
the network and pass it on to Zebra. The use of the components named above is optional, but if you
want to use dynamic routing protocols, you will need to enable at least the zebra service and one
routing protocol service. You can enable/disable the services on this page.
To configure the services themselves you need to login via the command line interface (CLI), which
is listening on the configured ports. The default user credentials to log in are the User Name "ad-
min" and the Password "admin". For security reasons, please change these credentials after en-
abling the appropriate services. For more information about configuring Quagga via the CLI, please
refer to the community documentation.
Zebra

Zebra is a core component, which applies routing information to your system. OSPF (Open Shortest
Path First) or BGP (Border Gateway Protocol) are used for sending and receiving the routing infor-
mation over the network. These two protocols must be activated separately before they can be
used.
5.7

Security

This screen dialog shows status information for the current security settings. The security settings
can be edited via the following menu items.
5.7.1

Firewall

5.7.1.1

Settings

Firewall

The Gateway 400 features a built-in Firewall to protect your home network and your Internet access
against unauthorized use. This firewall offers a comprehensive set of security settings to restrict In-
ternet access from the outside; it reduces the risk of hacker attacks and protects your network
against many common vulnerabilities and exposures.
The firewall of the Gateway 400 performs stateful packet inspection (SPI). Stateful inspection, also
referred to as Dynamic Packet Filtering, is a security feature which ensures that each data packet is
assigned to a specific active session. The data packets are analyzed in relation to their connection
state and stored in so-called dynamic state tables. The actual state of the data connection deter-
mines whether a data packet is forwarded or not. All data packets which do not match the defined
criteria, or which are likely to be part of a DoS attack, are discarded. With its SPI technology, the fire-
wall of the Gateway 400 is superior to conventional packet filter firewalls and therefore better suit-
ed for mission critical applications.
"Port Forwarding" on page 36
how to release the data traffic for these applications.
Enable IPv4 SPI: This option cannot be disabled.
34
describes how to define exceptions for individual applications and