Dell PowerConnect W-IAP3WN Dell Instant 6.2.0.0-3.2.0.0 User Guide - Page 155
Instant Firewall
View all Dell PowerConnect W-IAP3WN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 155 highlights
Chapter 14 Instant Firewall A firewall is a system designed to prevent unauthorized Internet users from accessing a private network connected to the Internet. It defines access rules and monitors all data entering or leaving the network and blocks data that does not satisfy the specified security policies. Dell W-Instant implements a W-Instant Firewall feature that uses a simplified firewall policy language. An administrator can define the firewall policies on an SSID or wireless LAN such as the Guest network or an Employee network. At the end of the authentication process, these policies are uniformly applied to users connected to that network. The W-Instant Firewall gives you the flexibility to limit packets or bandwidth available to a particular class of users. Instant Firewall manages packets according to the first rule the packet matches. 1. In the Networks tab, click the New link. The New WLAN window appears. 2. Navigate to Access tab to specify the access rules for the network. 3. Slide to Network-based using the scroll bar and click New to add a new rule. The New Rule window consists of the following options: l Rule type- Select the rule type (Access control, VLAN assignment) from the drop-down list. NOTE: This release of W-Instant supports configuration of up to 64 access control rules. l Action- Select Allow, Deny, or Destination-NAT from the drop-down list to allow or deny traffic with the specified service type and destination. l Log- Select this check box if you want a log entry to be created when this rule is triggered. Instant firewall supports firewall based logging function. Firewall logs on W-IAP are generated as syslog messages. l Blacklist- Select this check box if you want the client to be blacklisted when this rule is triggered. The blacklisting lasts for the duration specified as Auth failure blacklist time on the Blacklisting tab of the PEF window. See "Client Blacklisting" on page 255 for more information. l Classify media- Select this check box if you want to prioritize video and voice traffic. When enabled, deep packet inspection is performed on all non-NATed traffic, and the traffic is marked as follows: l Video: Priority 5 (Critical) l Voice: Priority 6 (Internetwork Control) l Disable scanning- Select this check box if you want ARM scanning to be paused when this rule is triggered, to optimize performance. NOTE: This feature only takes effect if ARM scanning is enabled, from the ARM tab of the RF dialog. Dell PowerConnect W-Series Instant Access Point 6.2.0.0-3.2.0.0 | User Guide 155 | Instant Firewall