User Manual Part 2

SonicWALL TZ 210 Series Getting Started Guide Page 27

Creating Network Access Rules

A Zone is a logical grouping of one or more interfaces designed

to make management a simpler and more intuitive process than

following a strict physical interface scheme.

By default, the SonicWALL security appliance’s stateful packet

inspection allows all communication from the LAN to the

Internet, and blocks all traffic from the Internet to the LAN. The

following behaviors are defined by the “Default” stateful

inspection packet access rule enabled in the SonicWALL

security appliance:

To create an access rule:

1. On the Firewall > Access Rules page in the matrix view,

select two zones that will be bridged by this new rule.

2. On the Access Rules page, click Add.

The access rules are sorted from the most specific to the

least specific at the bottom of the table. At the bottom of the

table is the Any rule.

Note: SonicWALL’s default firewall rules are set in this way

for ease of initial configuration, but do not reflect best

practice installations. Firewall rules should only allow

the required traffic and deny all other traffic.

Originating Zone Destination Zone Action

LAN, WLAN WAN, DMZ

Allow

DMZ WAN

Allow

WAN DMZ

Deny

WAN and DMZ LAN or WLAN

Deny

TZ_210_GSG.book Page 27 Thursday, November 13, 2008 7:41 PM