Motorola SBG940 ユーザーズマニュアル
13
SBG940 User Guide
X
Exit
Print
DMZ
A de-militarized zone (
) is one or more computers logically located outside the firewall between an SBG940
LAN and the Internet. A DMZ prevents direct access by outside users to private data.
For example, you can set up a web server
on a DMZ computer to enable outside users to access your website
without exposing confidential data on your network.
A DMZ can also be useful to play interactive games that may have a problem running through a firewall. You can
leave a computer used for gaming only exposed to the Internet while protecting the rest of your network. For more
information, see “
leave a computer used for gaming only exposed to the Internet while protecting the rest of your network. For more
information, see “
Port Triggering
When you run an application that accesses the Internet, it typically initiates communications with a computer on
the Internet. For some applications, especially gaming, the computer on the Internet also initiates communications
with your computer. Because NAT does not normally allow these incoming connections:
the Internet. For some applications, especially gaming, the computer on the Internet also initiates communications
with your computer. Because NAT does not normally allow these incoming connections:
•
The SBG940 has preconfigured port triggers for common applications.
•
If needed, you can configure additional port triggers on the
.
Wireless Security
Because WLAN data is transmitted using radio signals, it may be possible an unauthorized person to access your
WLAN unless you prevent them from doing so. To prevent unauthorized eavesdropping of data transmitted over
your LAN, you must enable wireless security. The default SBG940 settings neither provide security for
transmitted data nor protect network data from unauthorized intrusions.
WLAN unless you prevent them from doing so. To prevent unauthorized eavesdropping of data transmitted over
your LAN, you must enable wireless security. The default SBG940 settings neither provide security for
transmitted data nor protect network data from unauthorized intrusions.
The SBG940 provides the following wireless security measures, which are described in “
•
To prevent unauthorized eavesdropping, you must encrypt data transmitted over the wireless interface using
one of:
one of:
— If all of your wireless clients support Wi-Fi
®
Protected Access (WPA) encryption, we recommend using
WPA (see “
— Otherwise, configure a Wired Equivalency Privacy (WEP) key on the SBG940 and each WLAN client
(see “
•
To protect LAN data from unauthorized intrusions, you can restrict WLAN access to computers having one or
both of:
both of:
— Known MAC addresses (see “
— The same unique network name (
)
as the SBG940 (see “
Restricting access to computers having the same network name is also called “disabling ESSID broadcasting” or
“enabling closed network operation.”
“enabling closed network operation.”