ZyXEL P-2802HW-I1 User Guide - Page 156
General Firewall Policy Overview
View all ZyXEL P-2802HW-I1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 156 highlights
Chapter 11 Firewalls • allows traffic that originates from your LAN computers to go to all of the networks. • blocks traffic that originates on the other networks from going to the LAN. Your customized rules take precedence and override the ZyXEL Device's default settings. The ZyXEL Device checks the source IP address, destination IP address and IP protocol type of network traffic against the firewall rules (in the order you list them). When the traffic matches a rule, the ZyXEL Device takes the action specified in the rule. 11.1.3 Guidelines For Enhancing Security With Your Firewall 1 Change the default password via web configurator. 2 Think about access control before you connect to the network in any way. 3 Limit who can access your router. 4 Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled service could present a potential security risk. A determined hacker might be able to find creative ways to misuse the enabled services to access the firewall or the network. 5 For local services that are enabled, protect against misuse. Protect by configuring the services to communicate only with specific peers, and protect by configuring rules to block packets for the services at specific interfaces. 6 Protect against IP spoofing by making sure the firewall is active. 7 Keep the firewall in a secured (locked) room. 11.2 General Firewall Policy Overview Firewall rules are grouped based on the direction of travel of packets to which they apply. • LAN to LAN/ Router • LAN to WAN • WAN to LAN • WAN to WAN/ Router " The LAN includes both the LAN port and the WLAN. By default, the ZyXEL Device's stateful packet inspection allows packets traveling in the following directions: • LAN to LAN/ Router These rules specify which computers on the LAN can manage the ZyXEL Device (remote management) and communicate between networks or subnets connected to the LAN interface (IP alias). " You can also configure the remote management settings to allow only a specific computer to manage the ZyXEL Device. 156 P-2802H(W)(L)-I Series User's Guide