P-660HW-T v2 User’s Guide
Table of Contents
15
9.4 Denial of Service
..............................................................................................
139
9.4.1 Basics
.....................................................................................................
139
9.4.2 Types of DoS Attacks
.............................................................................
140
9.4.2.1 ICMP Vulnerability
........................................................................
142
9.4.2.2 Illegal Commands (NetBIOS and SMTP)
......................................
142
9.4.2.3 Traceroute
.....................................................................................
143
9.5 Stateful Inspection
............................................................................................
143
9.5.1 Stateful Inspection Process
....................................................................
144
9.5.2 Stateful Inspection and the ZyXEL Device
..............................................
144
9.5.3 TCP Security
...........................................................................................
145
9.5.4 UDP/ICMP Security
................................................................................
145
9.5.5 Upper Layer Protocols
............................................................................
146
9.6 Guidelines for Enhancing Security with Your Firewall
......................................
146
9.6.1 Security In General
.................................................................................
146
9.7 Packet Filtering Vs Firewall
..............................................................................
147
9.7.1 Packet Filtering:
......................................................................................
147
9.7.1.1 When To Use Filtering
...................................................................
148
9.7.2 Firewall
...................................................................................................
148
9.7.2.1 When To Use The Firewall
............................................................
148
Chapter 10
Firewall Configuration
.........................................................................................
149
10.1 Access Methods
.............................................................................................
149
10.2 Firewall Policies Overview
............................................................................
149
10.3 Rule Logic Overview
.....................................................................................
150
10.3.1 Rule Checklist
.......................................................................................
150
10.3.2 Security Ramifications
..........................................................................
150
10.3.3 Key Fields For Configuring Rules
........................................................
151
10.3.3.1 Action
..........................................................................................
151
10.3.3.2 Service
........................................................................................
151
10.3.3.3 Source Address
...........................................................................
151
10.3.3.4 Destination Address
....................................................................
151
10.4 Connection Direction
......................................................................................
151
10.4.1 LAN to WAN Rules
...............................................................................
152
10.4.2 Alerts
.....................................................................................................
152
10.5 General Firewall Policy
...............................................................................
152
10.6 Firewall Rules Summary
...............................................................................
153
10.6.1 Configuring Firewall Rules
..................................................................
155
10.6.2 Customized Services
...........................................................................
158
10.6.3 Configuring a Customized Service
.....................................................
159
10.7 Example Firewall Rule
...................................................................................
159
10.8 Predefined Services
.......................................................................................
163
10.9 Anti-Probing
..................................................................................................
165