ZyXEL Communications P-324 User Manual

 

12-2 

Firewall 

 

The Prestige can be used to prevent theft, destruction and modification of data, as well as log events, which 
may be important to the security of your network.  

The Prestige is installed between the LAN and a broadband modem connecting to the Internet. This allows 
it to act as a secure gateway for all data passing between the Internet and the LAN. 

The Prestige has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically 
separate the network into two areas. 

The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem to the Internet. 

The LAN (Local Area Network) port attaches to a network of computers, which needs security from the 

outside world. These computers will have access to Internet services such as e-mail, FTP and the 
World Wide Web.  However, "inbound access" is not allowed (by default) unless the remote host is 
authorized to use a specific service. 

1.  Change the default password via web configurator.  

Think about access control before you connect to the network in any way, including attaching a modem to 

the port.  

Limit who can access your router.  

Don't enable any local service (such as SNMP or NTP) that you don't use. Any enabled service could 

present a potential security risk. A determined hacker might be able to find creative ways to misuse the 
enabled services to access the firewall or the network.  

For local services that are enabled, protect against misuse. Protect by configuring the services to 

communicate only with specific peers, and protect by configuring rules to block packets for the 
services at specific interfaces.  

Protect against IP spoofing by making sure the firewall is active.  

Keep the firewall in a secured (locked) room.