159
eircom D10
00 modem User’s Guide
Chapter 13 Firewall
Note: You can also configure the remote management settings to allow only a specific
computer to manage the Device.
• LAN to WAN
These rules specify which computers on the LAN can access which computers or services on the
WAN.
By default, the Device’s stateful packet inspection drops packets traveling in the following
directions:
• WAN to LAN
These rules specify which computers on the WAN can access which computers or services on the
LAN.
Note: You also need to configure NAT port forwarding (or full featured NAT address
mapping rules) to allow computers on the WAN to access devices on the LAN.
• WAN to Router
By default the Device stops computers on the WAN from managing the Device. You could
configure one of these rules to allow a WAN computer to manage the Device.
Note: You also need to configure the remote management settings to allow a WAN
computer to manage the Device.
You may define additional rules and sets or modify existing ones but please exercise extreme
caution in doing so.
For example, you may create rules to:
• Block certain types of traffic, such as IRC (Internet Relay Chat), from the LAN to the Internet.
• Allow certain types of traffic, such as Lotus Notes database synchronization, from specific hosts
on the Internet to specific hosts on the LAN.
• Allow everyone except your competitors to access a web server.
• Restrict use of certain protocols, such as Telnet, to authorized users on the LAN.
These custom rules work by comparing the source IP address, destination IP address and IP
protocol type of network traffic to rules set by the administrator. Your customized rules take
precedence and override the Device’s default rules.
13.6.2 Guidelines For Enhancing Security With Your Firewall
6
Change the default password via web configurator.
7
Think about access control before you connect to the network in any way.
8
Limit who can access your router.
9
Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled service could
present a potential security risk. A determined hacker might be able to find creative ways to misuse
the enabled services to access the firewall or the network.
Summary of Contents for eircom D1000
Page 2: ...Copyright 2013 ZyXEL Communications Corporation...
Page 3: ......
Page 12: ...10 eircom D1000 modem User s Guide...
Page 13: ...PART I User s Guide 11...
Page 14: ...12...
Page 18: ...16 eircom D1000 modem User s Guide...
Page 26: ...Chapter 2 Introducing the Web Configurator 24 eircom D1000 modem User s Guide...
Page 27: ...PART II Technical Reference 25...
Page 28: ...26...
Page 78: ...76 eircom D1000 modem User s Guide Chapter 5 Wireless LAN...
Page 110: ...10 8 eircom D1000 modem User s Guide Chapter 6 Home Networking...
Page 126: ...Chapter 8 Quality of Service QoS 124 eircom D1000 modem User s Guide...
Page 136: ...134 eircom D1000 modem User s Guide Chapter 9 Network Address Translation NAT...
Page 148: ...146 eircom D1000 modem User s Guide Chapter 12 Filter...
Page 168: ...Chapter 14 Parental Control 166 eircom D1000 modem User s Guide...
Page 174: ...Chapter 15 Certificates 172 eircom D1000 modem User s Guide...
Page 180: ...178 eircom D1000 modem User s Guide Chapter 17 Traffic Status...
Page 182: ...180 eircom D1000 modem User s Guide Chapter 18 User Account...
Page 184: ...182 eircom D1000 modem User s Guide Chapter 19 System Setting...
Page 187: ...185 eircom D1000 modem User s Guide Chapter 20 Time Setting...
Page 188: ...Chapter 20 Time Setting 186 eircom D1000 modem User s Guide...
Page 196: ...Chapter 23 Backup Restore 194 eircom D1000 modem User s Guide...
Page 210: ...Chapter 25 Diagnostic 208 eircom D1000 modem User s Guide...
Page 216: ...214 eircom D1000 modem User s Guide Chapter 27 LED Descriptions...