Lancom Systems 7111 VPN User Manual
Page 65
LANCOM 7111 VPN – LANCOM 8011 VPN
̈
Chapter 8: Security settings
65
EN
̈
Have you assigned a password for the configuration?
The simplest option for the protection of the configuration is the estab-
lishment of a password. As long as a password hasn't been set, anyone
can change the configuration of the device. The field for entering the
password is contained in LANconfig in the 'Management' configuration
area on the 'Security' tab. It is particularly required to assign a password
to the configuration if you want to allow remote configuration.
̈
Have you permitted remote configuration?
If you do not require remote configuration, then deactivate it. If you
require remote configuration, then be sure to assign a password protec-
tion for the configuration (see previous section). The field for deactivating
the remote configuration is also contained in LANconfig in the 'Manage-
ment' configuration area on the 'Security' tab. Select here under 'Access
rights - of remote networks' for all types of configuration the option 'not
allowed'.
̈
Have you provided the SNMP configuration with a password?
Also protect the SNMP configuration with a password. The field for pro-
tection of the SNMP configuration with a password is also contained in
LANconfig in the 'Management' configuration area on the 'Security' tab.
̈
Have you activated the Firewall?
The Stateful Inspection Firewall of the LANCOM ensures that your local
network cannot be attacked from the outside . The Firewall can be ena-
bled in LANconfig under ’Firewall/QoS’ on the register card ’General’.
̈
Do you make use of a ’Deny All’ Firewall strategy?
For maximum security and control you prevent at first any data transfer
through the Firewall. Only those connections, which are explicitly desired
have to allowed by the a dedicated Firewall rule then. Thus ’Trojans’ and
certain Email viruses loose their communication way back. The Firewall
rules are summarized in LANconfig under ’Firewall/Qos’ on the register
card ’Rules’.
̈
Have you activated the IP masquerading?
IP masquerading is the hiding place for all local computers for connection
to the Internet. Only the router module of the unit and its IP address are
visible on the Internet. The IP address can be fixed or assigned dynami-
cally by the provider. The computers in the LAN then use the router as a
gateway so that they themselves cannot be detected. The router separates
Internet and intranet, as if by a wall. The use of IP masquerading is set