Netgear FVS318N User Manual
Firewall Protection
178
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
These are the default QoS profiles that are preconfigured and that cannot be edited:
•
Normal-Service. Used when no special priority is given to the traffic. IP packets are
marked with a ToS value of 0.
marked with a ToS value of 0.
•
Minimize-Cost. Used when data needs to be transferred over a link that has a lower cost.
IP packets are marked with a ToS value of 2.
IP packets are marked with a ToS value of 2.
•
Maximize-Reliability. Used when data needs to travel to the destination over a reliable
link and with little or no retransmission. IP packets are marked with a ToS value of 4.
link and with little or no retransmission. IP packets are marked with a ToS value of 4.
•
Maximize-Throughput. Used when the volume of data transferred during an interval is
important even if the latency over the link is high. IP packets are marked with a ToS value
of 8.
important even if the latency over the link is high. IP packets are marked with a ToS value
of 8.
•
Minimize-Delay. Used when the time required (latency) for the packet to reach the
destination needs to be low. IP packets are marked with a ToS value of 16.
destination needs to be low. IP packets are marked with a ToS value of 16.
Configure Content Filtering
To restrict internal LAN users from access to certain sites on the Internet, you can use the
content filtering and web component blocking features of the wireless VPN firewall. By
default, these features are disabled; all requested traffic from any website is allowed. If you
enable one or more of these features and users try to access a blocked site, they will see a
“Blocked by NETGEAR” message.
content filtering and web component blocking features of the wireless VPN firewall. By
default, these features are disabled; all requested traffic from any website is allowed. If you
enable one or more of these features and users try to access a blocked site, they will see a
“Blocked by NETGEAR” message.
Note:
Content filtering is supported for IPv4 users and groups only.
Several types of blocking are available:
•
Web component blocking. You can block the following web component types: proxy,
Java, ActiveX, and cookies. Even sites that are listed in the Trusted Domains table are
subject to web component blocking when the blocking of a particular web component is
enabled.
Java, ActiveX, and cookies. Even sites that are listed in the Trusted Domains table are
subject to web component blocking when the blocking of a particular web component is
enabled.
-
Proxy. A proxy server (or simply, proxy) allows computers to route connections to
other computers through the proxy, thus circumventing certain firewall rules. For
example, if connections to a specific IP address are blocked by a firewall rule, the
requests can be routed through a proxy that is not blocked by the rule, rendering the
restriction ineffective. Enabling this feature blocks proxy servers.
other computers through the proxy, thus circumventing certain firewall rules. For
example, if connections to a specific IP address are blocked by a firewall rule, the
requests can be routed through a proxy that is not blocked by the rule, rendering the
restriction ineffective. Enabling this feature blocks proxy servers.
-
Java. Blocks Java applets from being downloaded from pages that contain them.
Java applets are small programs embedded in web pages that enable dynamic
functionality of the page. A malicious applet can be used to compromise or infect
computers. Enabling this setting blocks Java applets from being downloaded.
Java applets are small programs embedded in web pages that enable dynamic
functionality of the page. A malicious applet can be used to compromise or infect
computers. Enabling this setting blocks Java applets from being downloaded.