Netgear SRXN3205 SRXN3205 Reference Manual - Page 88
Outbound Rules Example, Enabling Session Limits, LAN WAN Outbound Rule: Blocking Instant Messenger
UPC - 606449057461
View all Netgear SRXN3205 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 88 highlights
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 2. Place the new rule below all other inbound rules. Note: For security, NETGEAR strongly recommends that you avoid creating an exposed host. When a computer on your LAN is designated as the exposed host, it loses much of the protection of the firewall and is exposed to many exploits from the Internet. If compromised, the computer can be used to attack your network. Outbound Rules Example Outbound rules let you prevent users from using applications such as Instant Messenger, Real Audio, or other non-essential services. LAN WAN Outbound Rule: Blocking Instant Messenger To block Instant Messenger usage by employees during working hours, you can create an outbound rule to block that application from any internal IP address to any external address according to the schedule that you have created in the Schedule menu. You can also have the firewall log any attempt to use Instant Messenger during that blocked period. Enabling Session Limits This page allows you to specify total number sessions per user (IP) allowed across the router. Session limiting is disabled by default. When enabling session limiting you can give the maximum number of sessions per IP either in percentage of maximum sessions or absolute number of maximum sessions. If you want to give the maximum number of sessions per IP in percentage check "yes" radio button otherwise check "No" radio button. The percentage is computed on the total connection capacity of the device. "User Limit" specifies the maximum number of sessions that should be allowed via router from a single source machine (i.e. session limiting is per machine based) as percentage of total connection capacity. Note that some protocols like ftp, rstp create two sessions per connection which should be considered when configuring session limiting. The label "Total Number of Packets Dropped due to Session Limit:" shows total number of packets dropped when session limit is reached The Session TimeOut table displays the TCP, UDP and ICMP Timeout values. Default Timeout values are 1200 seconds for Tcp,180 seconds for Udp and 8 seconds for Icmp. Timeout values can also be configured with user defined values. The maximum value for timeout is 43200 seconds. 5-14 Firewall Security and Content Filtering v1.0, October 2008