ZyXEL Communications Corporation OX253P Manuel D’Utilisation
Chapter 11 The Firewall Screens
OX253P User’s Guide
120
The OX253P can be used to prevent theft, destruction and modification of data, as
well as log events, which may be important to the security of your network.
well as log events, which may be important to the security of your network.
The OX253P is installed between the LAN and a WiMAX base station connecting to
the Internet. This allows it to act as a secure gateway for all data passing between
the Internet and the LAN.
the Internet. This allows it to act as a secure gateway for all data passing between
the Internet and the LAN.
The OX253P has one Ethernet (LAN) port. The LAN (Local Area Network) port
attaches to a network of computers, which needs security from the outside world.
These computers will have access to Internet services such as e-mail, FTP and the
World Wide Web. However, “inbound access” is not allowed (by default) unless the
remote host is authorized to use a specific service.
attaches to a network of computers, which needs security from the outside world.
These computers will have access to Internet services such as e-mail, FTP and the
World Wide Web. However, “inbound access” is not allowed (by default) unless the
remote host is authorized to use a specific service.
11.2 Firewall Setting
This section describes firewalls and the built-in OX253P’s firewall features.
11.2.1 Firewall Rule Directions
Figure 48 Firewall Rule Directions
LAN-to-WAN rules are local network to Internet firewall rules. The default is to
forward all traffic from your local network to the Internet.
forward all traffic from your local network to the Internet.
You can block certain LAN-to-WAN traffic in the Services screen (click the
Services tab). All services displayed in the Blocked Services list box are LAN-
to-WAN firewall rules that block those services originating from the LAN.
Services tab). All services displayed in the Blocked Services list box are LAN-
to-WAN firewall rules that block those services originating from the LAN.
Blocked LAN-to-WAN packets are considered alerts. Alerts are “higher priority
logs” that include system errors, attacks and attempted access to blocked web
sites. Alerts appear in red in the View Log screen. You may choose to have alerts
e-mailed immediately in the Log Settings screen.
logs” that include system errors, attacks and attempted access to blocked web
sites. Alerts appear in red in the View Log screen. You may choose to have alerts
e-mailed immediately in the Log Settings screen.