Security, Firewall – Motorola SBG900 User Manual

12

SBG900 User Guide

Home

X

Exit

Print

Overview Installation Troubleshooting

Contact

FAQ

Specifications Glossary License

Configuration: Basic Gateway TCP/IP Wireless USB

Security

The SBG900 provides:

•

A

firewall

to protect the SBG900 LAN from undesired attacks over the Internet

•

Security measures to prevent eavesdropping of wireless data

Network Address Translation (

NAT

) provides some security because the IP addresses of SBG900 LAN computers

are not visible on the Internet.

The logical network diagram does not necessarily correspond to the network cabling. A full discussion of network
security is beyond the scope of this document.

SBG900 security measures shown in a logical network diagram

Firewall

The SBG900 firewall protects the SBG900 LAN from undesired attacks and other intrusions from the Internet. It
provides an advanced integrated

stateful-inspection

firewall supporting intrusion detection, session tracking, and

denial-of-service attack prevention. The firewall:

•

Maintains state data for every

TCP/IP

session on the

OSI

network and transport layers

•

Monitors all incoming and outgoing

packets

, applies the firewall policy to each one, and screens for improper

packets and intrusion attempts

•

Provides comprehensive logging for all:

—

User authentications

—

Rejected internal and external connection requests

—

Session creation and termination

—

Outside attacks (intrusion detection)

You can configure the firewall filters to set rules for port usage. For information about choosing a predefined
firewall policy template, see “

Setting the Firewall Policy

”.

SBG900

Firewall

Computer

Computer

Wired Ethernet LAN

Wireless LAN

Laptop

Computer

PDA

Wireless Security

:

WEP

shared key encryption

MAC access control list

Disable ESSID Broadcast

Internet

DMZ

computer