Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules 参照マニュアル

Web object blocking. You can block the following web component types: embedded 
objects (ActiveX, Java, Flash), proxies, and cookies; and you can disable 
JavaScripts. For more information, see 

Setting the size of Web files to be scanned. Scanning large web files requires 
network resources and might slow down traffic. You can specify the maximum size of 
the files that are scanned, and if files that exceed the maximum size are skipped 
(which might compromise security) or blocked. For more information, see 

For these features (with the exception of web object blocking and setting the size of files 
to be scanned), you can set schedules to specify when web content is filtered (see 

on page 199), and configure exceptions for groups (see 

If you want to reduce outgoing traffic by preventing Internet access by certain PCs on the 
LAN, you can use the source MAC filtering feature to drop the traffic received from the PCs 
with the specified MAC addresses. By default, this feature is disabled; all traffic received from 
PCs with any MAC address is allowed. See 

on page 164 for the 

procedure on how to use this feature.

Features That Increase Traffic

The following features of the UTM tend to increase the traffic load on the WAN side:

LAN WAN inbound rules (also referred to as port forwarding)

DMZ WAN inbound rules (also referred to as port forwarding)

Port triggering

Enabling the DMZ port

Configuring exposed hosts

Configuring VPN tunnels

The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for 
inbound traffic (from WAN to LAN and from WAN to the DMZ). If you have not defined any 
rules, only the default rule is listed. The default rule blocks all access from outside except 
responses to requests from the LAN side. Any inbound rule that you create allows additional 
incoming traffic and therefore increases the traffic load on the WAN side.