4 the firewall, nat and remote management, 1 lan-to-wan rules, Figure 102 firewall rule directions – ZyXEL Communications P-2302HWL-P1 Series User Manual

P-2302HW/HWL-P1 Series User’s Guide

190

Chapter 14 Firewall

The LAN (Local Area Network) port attaches to a network of computers, which needs security
from the outside world. These computers will have access to Internet services such as e-mail,
FTP and the World Wide Web. However, "inbound access" is not allowed (by default) unless
the remote host is authorized to use a specific service.

14.1.3 Guidelines For Enhancing Security With Your Firewall

1 Change the default password via web configurator.

2 Think about access control before you connect to the network in any way, including

attaching a modem to the port.

3 Limit who can access your router.

4 Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled

service could present a potential security risk. A determined hacker might be able to find
creative ways to misuse the enabled services to access the firewall or the network.

5 For local services that are enabled, protect against misuse. Protect by configuring the

services to communicate only with specific peers, and protect by configuring rules to
block packets for the services at specific interfaces.

6 Protect against IP spoofing by making sure the firewall is active.

7 Keep the firewall in a secured (locked) room.

14.1.4 The Firewall, NAT and Remote Management

Figure 102 Firewall Rule Directions

14.1.4.1 LAN-to-WAN rules

LAN-to-WAN rules are local network to Internet firewall rules. The default is to forward all
traffic from your local network to the Internet.

You can block certain LAN-to-WAN traffic in the Services screen (click the Services tab). All
services displayed in the Blocked Services list box are LAN-to-WAN firewall rules that block
those services originating from the LAN.