ZyXEL Communications EMG5324-D10A User Manual
Chapter 13 Firewall
EMG5324-D10A User’s Guide
178
13.1.2 What You Need to Know
Firewall
The Device’s firewall feature physically separates the LAN/WLAN and the WAN and acts as a secure
gateway for all data passing between the networks.
gateway for all data passing between the networks.
It is designed to protect against Denial of Service (DoS) attacks when activated. The Device's
purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet.
The Device can be used to prevent theft, destruction and modification of data, as well as log events,
which may be important to the security of your network.
purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet.
The Device can be used to prevent theft, destruction and modification of data, as well as log events,
which may be important to the security of your network.
The Device is installed between the LAN/WLAN and a broadband modem connecting to the Internet.
This allows it to act as a secure gateway for all data passing between the Internet and the LAN.
This allows it to act as a secure gateway for all data passing between the Internet and the LAN.
The Device has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically
separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband
(cable or DSL) modem to the Internet.
separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband
(cable or DSL) modem to the Internet.
The LAN (Local Area Network) port attaches to a network of computers, which needs security from
the outside world. These computers will have access to Internet services such as e-mail, FTP and
the World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host
is authorized to use a specific service.
the outside world. These computers will have access to Internet services such as e-mail, FTP and
the World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host
is authorized to use a specific service.
DoS
Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the
Internet. Their goal is not to steal information, but to disable a device or network so users no longer
have access to network resources. The ZyXEL Device is pre-configured to automatically detect and
thwart all known DoS attacks.
Internet. Their goal is not to steal information, but to disable a device or network so users no longer
have access to network resources. The ZyXEL Device is pre-configured to automatically detect and
thwart all known DoS attacks.
ICMP
Internet Control Message Protocol (ICMP) is a message control and error-reporting protocol
between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams,
but the messages are processed by the TCP/IP software and directly apparent to the application
user.
between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams,
but the messages are processed by the TCP/IP software and directly apparent to the application
user.
Finding Out More
See
for advanced technical information on firewall.
13.2 The General Screen
Use this screen to set the security level of the firewall on the Device. Firewall rules are grouped
based on the direction of travel of packets to which they apply.
based on the direction of travel of packets to which they apply.