ZyXEL Communications Corporation EMG2926Q10A Manuel D’Utilisation
Chapter 17 Firewall
EMG2926-Q10A User’s Guide
136
3
Limit who can access your router.
4
Don't enable any local service (such as NTP) that you don't use. Any enabled service could present
a potential security risk. A determined hacker might be able to find creative ways to misuse the
enabled services to access the firewall or the network.
a potential security risk. A determined hacker might be able to find creative ways to misuse the
enabled services to access the firewall or the network.
5
For local services that are enabled, protect against misuse. Protect by configuring the services to
communicate only with specific peers, and protect by configuring rules to block packets for the
services at specific interfaces.
communicate only with specific peers, and protect by configuring rules to block packets for the
services at specific interfaces.
6
Protect against IP spoofing by making sure the firewall is active.
7
Keep the firewall in a secured (locked) room.
17.2 General Screen
Use this screen to enable or disable the EMG2926-Q10A’s firewall, and set up firewall logs. Click
Security > Firewall to open the General screen.
Security > Firewall to open the General screen.
Figure 92
Security > Firewall > General l
The following table describes the labels in this screen.
17.3 Services Screen
If an outside user attempts to probe an unsupported port on your EMG2926-Q10A, an ICMP
response packet is automatically returned. This allows the outside user to know the EMG2926-Q10A
exists. Use this screen to prevent the ICMP response packet from being sent. This keeps outsiders
from discovering your EMG2926-Q10A when unsupported ports are probed.
response packet is automatically returned. This allows the outside user to know the EMG2926-Q10A
exists. Use this screen to prevent the ICMP response packet from being sent. This keeps outsiders
from discovering your EMG2926-Q10A when unsupported ports are probed.
You can also use this screen to
enable service blocking, and enter/delete/modify the services you
want to block and the date/time you want to block them
enable/add/delete/modify an IPv4 firewall
rule
.
Table 58
Security > Firewall > General
LABEL
DESCRIPTION
Enable Firewall
Select this check box to activate the firewall. The EMG2926-Q10A performs access control
and protects against Denial of Service (DoS) attacks when the firewall is activated.
and protects against Denial of Service (DoS) attacks when the firewall is activated.
Apply
Click Apply to save the settings.
Cancel
Click Cancel to start configuring this screen again.