Netgear SRX5308 Reference Manual - Page 93
UPC - 606449065145
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual

The firewall rules for blocking and allowing traffic on the VPN firewall can be applied to a combination of LAN-WAN traffic, DMZ-WAN traffic, and LAN-DMZ traffic.

Table 4-1. Number of Supported Firewall Rule Configurations

Traffic Rule                        Maximum Number of   Maximum Number of   Maximum Number of
                                    Outbound Rules      Inbound Rules       Supported Rules
LAN WAN                             200                 200                 200
DMZ WAN                             200                 200                 200
LAN DMZ                             200                 200                 200
Maximum Number of Supported Rules   300                 300                 600

The maximum number of supported outbound rules is 300, and the maximum number of supported inbound rules is 300. The total number of supported inbound and outbound rules is therefore 600.

Per traffic rule category (LAN WAN, DMZ WAN, or LAN DMZ), you can configure a total of 200 rules in any combination of outbound and inbound rules. However, the maximum number of outbound rules for all three categories cannot exceed 300. Similarly, the maximum number of inbound rules for all three categories cannot exceed 300.

Services-Based Rules

The rules to block traffic are based on the traffic's category of service:

• Outbound rules (service blocking). Outbound traffic is normally allowed unless the firewall is configured to disallow it.
• Inbound rules (port forwarding). Inbound traffic is normally blocked by the firewall unless the traffic is in response to a request from the LAN side. The firewall can be configured to allow this otherwise blocked traffic.
• Customized services. Additional services can be added to the list of services in the factory default list. These added services can then have rules defined for them to either allow or block that traffic (see "Adding Customized Services" on page 4-31).
• Quality of Service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change the QoS priority, which changes the traffic mix through the system (see "Creating Quality of Service (QoS) Profiles" on page 4-34).

Firewall Protection 4-3 v1.0, April 2010
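The rule limits from Table 4-1 interact: a category can still be under its 200-rule cap while the 300-rule cap for one direction is already nearly used up. The following is an added example, not part of the Netgear manual, that checks a planned rule set against both limits and reports how many more rules fit; the plan layout, function names, and sample counts are assumptions made for illustration.

```python
# Added example: checks a planned rule set against the Table 4-1 limits.
# The plan layout and function names are assumptions made for this sketch.
PER_CATEGORY_MAX = 200   # outbound + inbound rules within one traffic category
PER_DIRECTION_MAX = 300  # outbound (or inbound) rules summed over all categories
CATEGORIES = ("LAN WAN", "DMZ WAN", "LAN DMZ")
DIRECTIONS = ("outbound", "inbound")


def check_plan(plan):
    """Return a list of limit violations for plan[category][direction] = count."""
    problems = []
    for cat in CATEGORIES:
        total = sum(plan.get(cat, {}).get(d, 0) for d in DIRECTIONS)
        if total > PER_CATEGORY_MAX:
            problems.append(f"{cat}: {total} rules exceeds {PER_CATEGORY_MAX}")
    for d in DIRECTIONS:
        total = sum(plan.get(cat, {}).get(d, 0) for cat in CATEGORIES)
        if total > PER_DIRECTION_MAX:
            problems.append(f"{d}: {total} rules exceeds {PER_DIRECTION_MAX}")
    return problems


def headroom(plan, category, direction):
    """How many more rules of this direction still fit in this category."""
    cat_total = sum(plan.get(category, {}).get(d, 0) for d in DIRECTIONS)
    dir_total = sum(plan.get(c, {}).get(direction, 0) for c in CATEGORIES)
    return max(0, min(PER_CATEGORY_MAX - cat_total, PER_DIRECTION_MAX - dir_total))


# Constructed sample plan (not from the manual).
SAMPLE_PLAN = {
    "LAN WAN": {"outbound": 180, "inbound": 20},
    "DMZ WAN": {"outbound": 100, "inbound": 60},
    "LAN DMZ": {"outbound": 10, "inbound": 40},
}

if __name__ == "__main__":
    print(check_plan(SAMPLE_PLAN) or "plan fits")
    for cat in CATEGORIES:
        for d in DIRECTIONS:
            print(f"{cat:8} {d:9} room for {headroom(SAMPLE_PLAN, cat, d)} more")
```

In the sample plan, DMZ WAN has 40 rules of category headroom but room for only 10 more outbound rules, because 290 of the 300 outbound rules are already allocated across the three categories.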