ZyXEL 2WG Guida Utente
ZyWALL 2WG User’s Guide
241
C
H A P T E R
12
Firewall Screens
12.1 Overview
A firewall is a system that enforces an access-control policy between two networks. It is
generally a mechanism used to protect a trusted network from an untrusted network.
The ZyWALL physically separates the LAN, DMZ, WLAN and the WAN and acts as a secure
gateway for all data passing between the networks. The ZyWALL protects against Denial of
Service (DoS) attacks, prevents theft, destruction and modification of data, and logs events.
Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and
control access between the LAN, DMZ, WLAN and WAN. By default the firewall:
generally a mechanism used to protect a trusted network from an untrusted network.
The ZyWALL physically separates the LAN, DMZ, WLAN and the WAN and acts as a secure
gateway for all data passing between the networks. The ZyWALL protects against Denial of
Service (DoS) attacks, prevents theft, destruction and modification of data, and logs events.
Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and
control access between the LAN, DMZ, WLAN and WAN. By default the firewall:
• allows traffic that originates from your LAN computers to go to all of the networks.
• blocks traffic that originates on the other networks from going to the LAN.
• allows traffic that originates on the WLAN to go to the WAN.
• allows traffic that originates on the WAN to go to the DMZ and protects your DMZ
• blocks traffic that originates on the other networks from going to the LAN.
• allows traffic that originates on the WLAN to go to the WAN.
• allows traffic that originates on the WAN to go to the DMZ and protects your DMZ
computers against DoS attacks.
• allows VPN traffic between any of the networks.
The following figure illustrates the default firewall action. User A can initiate an IM (Instant
Messaging) session from the LAN to the WAN (1). Return traffic for this session is also
allowed (2). However other traffic initiated from the WAN is blocked (3 and 4).
Messaging) session from the LAN to the WAN (1). Return traffic for this session is also
allowed (2). However other traffic initiated from the WAN is blocked (3 and 4).
Figure 148 Default Firewall Action
Your customized rules take precedence and override the ZyWALL’s default settings. The
ZyWALL checks the source IP address, destination IP address and IP protocol type of network
traffic against the firewall rules (in the order you list them). When the traffic matches a rule,
the ZyWALL takes the action specified in the rule.
ZyWALL checks the source IP address, destination IP address and IP protocol type of network
traffic against the firewall rules (in the order you list them). When the traffic matches a rule,
the ZyWALL takes the action specified in the rule.