ZyXEL 35 Betriebsanweisung

 

 

All contents copyright (c) 2006 ZyXEL Communications Corporation.   

287

the outside world. LAN users are invisible to outside users. So, to make an internal server for outside access, we 

must specify the service port and the LAN IP of this server in Menu 15. Thus NAT is able to forward the 

incoming packets to the requested service behind NAT and the outside users access the server using the 

ZyWALL's WAN IP address. So, we have to configure the internal IPSec as a default server (unspecified 

service port) in menu 15 when it acts a server gateway. 

 

When the ZyWALL is set to bridge mode, (R)STP detects and breaks network loops and provides backup 

links between switches, bridges or routers. It allows a bridge to interact with other (R)STP-compliant 

bridges in your network to ensure that only one path exists between any two stations on the network. The 

configuration is especially for the advanced user who knows the protocol well. 

 

(1) For a ZyWALL with router mode, following are the inspection flow for inbound and outgoing traffic. 

Traffic from WAN:    -> NAT -> Firewall-> Policy Route -> Load Balance -> Static Route -> IDP -> AV 

-> AS ->

 

CF -> BWM 

Traffic to WAN:    -> Firewall -> Policy Route -> Load Balance -> Static Route -> IDP -> AV -> AS -> 

CF -> BMW -> NAT 

 

(2) For a ZyWALL with bridge mode, the inspection flow is as following. 

Traffic will be handled:      -> Firewall-> IDP -> AV -> AS ->

 

CF -> BWM 

 

UTM stands for Unified Threat Management and is a term describing a firewall appliance that integrates 

multiple security features, including Anti-Virus, IDP, Anti-Spam and VPN features, into a single box. 

Armed with the UTM appliance, the IT staff can manage the emerging threats from Internet, having lower 

TCO and reduced management overhead.