Installation guide

Quadro Manual II: Administrator's Guide Administrator's Menus
Quadro4x, 4xi, 4xa, 4xia, 4xs, 4xis, Quadro16x, 16xi, 16xa, 16xia, 16xs, 16xis; (SW Version 3.1.x)
The Firewall Configuration page offers the following components:
The Enable IDS checkbox enables the Intrusion Detection System.
The Enable NAT checkbox enables Network Address Translation.
The Enable Firewall checkbox enables the firewall security service. A firewall security level has to be selected, otherwise the firewall cannot be enabled.
The Firewall Security radio buttons are:
Low Security - Everything that is not explicitly forbidden is allowed. This security level doesn't block anything by default. It is recommended if the device is already located behind another firewall or if every filter has been configured correctly.
Medium Security - Traffic originating from the LAN side may pass and traffic from the WAN side will be blocked by default. This is the recommended security level.
High Security - Everything that is not explicitly allowed will be blocked, including traffic from the LAN side.
The Advanced Firewall Settings link leads to the page where Quadro’s privacy can be configured.
The View Filter Rules link opens the Filtering Rules page.
Fig. II-155: Firewall and NAT Settings page
Advanced Firewall Settings
Advanced Firewall Settings are used to deny Ping and Portscanning operations addressed toward the device. With these features enabled, Quadro will answer Ping and Portscanning operations with inscrutable messages.
Please Note: Operations are available only when the Firewall is enabled from the Firewall and NAT page.
The page offers the following components:
The Ping Stealth checkbox prohibits a Ping operation toward Quadro from its WAN.
The Fool Portscanner checkbox prohibits portscanning of Quadro from its WAN. As a reply to a Portscanning operation, "network unreachable" or "host unreachable" feedback messages will be sent.
Fig. II-156: Advanced Firewall Settings page
Filtering Rules
The Filtering Rules page allows the configuration of filters for the incoming and outgoing traffic.
To prevent misconfiguration, only one rule per service is allowed. The user may use IP groups to include several IP addresses in this rule. As the filtering rules specify the operation mode of the firewall, they only take effect if the firewall has been enabled (additionally, NAT should be enabled to use the Port Forwarding function in the Incoming Traffic / Port Forwarding filtering rules). The filtering rules are independent of the security level, so they will work if enabled, no matter what security level has been selected.
Please Note: Applying firewall rules only prevents the establishment of new connections that violate the rules. Applying rules does not kill existing connections that violate the rules.
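The following Python model is an added example, not Quadro firmware or configuration code. It shows how the three security-level defaults, the per-service filtering rules and the note about existing connections interact, and how to list established connections that a newly applied rule would refuse. Assumptions: a matching rule takes precedence over the level default, a rule matches on the peer address being in its IP group, and the class, service labels and addresses are hypothetical.

```python
# Added illustration: a model of the documented behaviour, not Quadro firmware code.
from dataclasses import dataclass

# Default verdict per security level and originating side, as the manual describes.
DEFAULTS = {
    "low":    {"lan": "allow", "wan": "allow"},
    "medium": {"lan": "allow", "wan": "block"},
    "high":   {"lan": "block", "wan": "block"},
}

@dataclass(frozen=True)
class Conn:
    origin: str    # "lan" or "wan": the side that initiated the connection
    service: str   # hypothetical service label, e.g. "ssh"
    peer: str      # remote IP address (constructed sample values only)

class Firewall:
    def __init__(self, level):
        self.level = level
        self.rules = {}           # (origin, service) -> (action, ip_group)
        self.established = set()  # connections accepted so far

    def set_rule(self, origin, service, action, ip_group):
        # One rule per service: a new rule replaces the old one.
        # Established connections are deliberately left alone.
        self.rules[(origin, service)] = (action, frozenset(ip_group))

    def verdict(self, conn):
        # Assumption: an explicit rule that matches wins over the level default.
        rule = self.rules.get((conn.origin, conn.service))
        if rule and conn.peer in rule[1]:
            return rule[0]
        return DEFAULTS[self.level][conn.origin]

    def connect(self, conn):
        # Rules are consulted only while a new connection is being established.
        allowed = self.verdict(conn) == "allow"
        if allowed:
            self.established.add(conn)
        return allowed

    def stale_violations(self):
        # Established connections that the current rules would now refuse.
        return sorted((c for c in self.established if self.verdict(c) == "block"),
                      key=lambda c: (c.origin, c.service, c.peer))
```

Anything returned by stale_violations() is a session that survives a rule change and has to be ended by other means if the new rule is meant to cut it off.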