Firewall, 1 firewall overview, Chapter 9 firewall – ZyXEL Communications NBG410W3G User Manual

NBG410W3G Series User’s Guide

167

C

H A P T E R

9

Firewall

This chapter shows you how to configure your ZyXEL Device’s firewall.

9.1 Firewall Overview

The networking term firewall is a system or group of systems that enforces an access-control
policy between two networks. It is generally a mechanism used to protect a trusted network
from an untrusted network.
The ZyXEL Device physically separates the LAN, DMZ and the WAN and acts as a secure
gateway for all data passing between the networks. The ZyXEL Device protects against Denial
of Service (DoS) attacks, prevents theft, destruction and modification of data, and logs events.
Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and
control access between the LAN, DMZ and WAN. By default the firewall:

• allows traffic that originates from your LAN computers to go to all of the networks.
• blocks traffic that originates on the other networks from going to the LAN.
• allows traffic that originates on the WAN to go to the DMZ and protects your DMZ

computers against DoS attacks.

The following figure illustrates the default firewall action. User A can initiate an IM (Instant
Messaging) session from the LAN to the WAN (1). Return traffic for this session is also
allowed (2). However other traffic initiated from the WAN is blocked (3 and 4).

Figure 96 Default Firewall Action

Your customized rules take precedence and override the ZyXEL Device’s default settings. The
ZyXEL Device checks the source IP address, destination IP address and IP protocol type of
network traffic against the firewall rules (in the order you list them). When the traffic matches
a rule, the ZyXEL Device takes the action specified in the rule.

WAN

LAN

Internet

3
4

1
2

A