Netgear FVS338 FVS338 Reference Manual - Page 136

FVS338 ProSafe VPN Firewall 50 Reference Manual You can bypass keyword blocking for trusted domains by adding the exact matching domain to the list of Trusted Domains. Access to the domains on this list by PCs even in the groups for which keyword blocking has been enabled will still be allowed without any blocking. • Web Component Blocking - You can block the following Web component types: Proxy, Java, ActiveX, and Cookies. Sites on the Trusted Domains list are still subject to Web component blocking when the blocking of a particular Web component has been enabled. See "Setting Block Sites (Content Filtering)" on page 4-22 for the procedure on how to use this feature. Source MAC Filtering If you want to reduce outgoing traffic by preventing Internet access by certain PCs on the LAN, you can use the source MAC filtering feature to drop the traffic received from the PCs with the specified MAC addresses. By default, this feature is disabled; all traffic received from PCs with any MAC address is allowed. See "Enabling Source MAC Filtering" on page 4-24 for the procedure on how to use this feature. VPN Firewall Features That Increase Traffic Features that tend to increase WAN-side loading are as follows: • Port forwarding • Port triggering • DMZ port • Exposed hosts • VPN tunnels Port Forwarding The firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you can not use it (i.e., the service is unavailable). You can also create additional firewall rules that are customized to block or allow specific traffic. Warning: This feature is for Advanced Administrators only! Incorrect configuration will cause serious problems. 6-4 Router and Network Management v1.0, March 2008