Manualshelf

User`s manual

ManualsBrandsD-Link ManualsComputer equipmentD DFL-500 DFL-500
21222324252627282930
Policy information
Policies direct the firewall to perform actions when a connection request matches the identifying information.
A policy can specify that the firewall accepts, denies, or requests authentication for the connection. A policy
can also trigger traffic log messages when the policy processes traffic and can apply traffic shaping to the
traffic controlled by the policy.
The parts of a DFL-500 policy
Identifying information
Source
Address
The IP address from which a user or service can connect to the firewall.
Destination
Address
The location to which a user or service is attempting to connect when intercepted by the firewall.
Schedule The time or date on which a policy is active.
Service The network service to be provided through the firewall.
Action
Action
The response of the firewall. The firewall can accept the connection, deny the connection, or require
the user attempting to make the connection to provide authentication.
Log Traffic
Log Traffic adds messages to the traffic log whenever the policy processes traffic. For information
about logging, see Logging and reporting
.
Traffic Shaping
Traffic Shaping can be used to control the bandwidth available to, and set the priority of the traffic
processed by the policy. For more information about traffic shaping, see Traffic shaping
Default policy
The default policy accepts connections from all computers at any source address on the internal network and
grants them access to any services on the external network (usually the Internet). The default policy appears
in the Int to Ext policy list when running in NAT mode and in the Outgoing policy list when running in
Transparent mode. Default policy shows the default policy.
Default policy
Adding policies
Policies are simple to add. For example, to prevent users on the internal network connecting to FTP servers
on the Internet add an Int to Ext policy that denies connections to the FTP service as shown in Sample Int to
Ext policy to deny FTP connections.
Sample Int to Ext policy to deny FTP connections:
DFL-500 User’s Manual
24