User guide

Chapter 4 - ProxyServer Software

MTPSR2-201

The ProxyServer administrator can set up “filters” on the ProxyServer for better network control. The

Filter option can be used when you want to block all packets originating from a specific destination

(called source address filtering) or all packets heading for a particular destination (called destination

address filtering). Filters can be set to exclude packets of a particular protocol or any particular field

in a LAN packet.

These filters are based on three basic filter types: Internet Sites (IP Address) (both dotted decimal

and Domain Name), Client Workstation (MAC address or IP address), or Application. To install a

filter, you must first choose one of these basic filter types. Refer to the ProxyServer Helps for details

on how to configure the Filter option.

For example, in a filter set up by Domain Name, the system administrator could restrict all users at a

particular site from accessing game sites, X-rated sites, etc.; or, users at a particular MAC address or

IP address could be restricted from using the services of the ProxyServer; or, you could restrict all

users from accessing specific applications (e.g., FTP, chat, etc.).

Note: The Filter option does not perform content filtering; rather, the system administrator can

restrict users from a particular Internet site, client workstation, or application through the Filters

dialog box.

Note: Adding applications may decrease performance speed and increase security risks. Therefore,

you may want to delete unused or rarely used applications.

To further enhance the security of the firewall network, the FTP button on the Proxy Applications

Configuration dialog box allows you to change the FTP Control Port and Data Port Numbers. If you

do change these numbers, make certain that you inform users who need to access the FTP server

what the new numbers are. By default, the FTP server’s Control Port Number is 21 and the Data Port

Number is 20.