Firewall Protection
141
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Note: When the Block TCP Flood and Block UDP Flood check boxes are
selected on the Attack Checks screen (which they are by default;
see Attack Checks on page 170), multiple concurrent connections of
the same application from one host or IP address (such as multiple
DNS queries from one computer) trigger the VPN firewall’s DoS
protection.
The following table describes the fields that define the rules for inbound traffic and that are
common to most Inbound Service screens (see Figure 79 on page 150, Figure 85 on
page 156, and Figure 91 on page 162).
The steps to configure inbound rules are described in the following sections:
• Configure LAN WAN Rules
• Configure DMZ WAN Rules
• Configure LAN DMZ Rules
Table 34. Inbound rules overview

Setting: Service
Description: The service or application to be covered by this rule. If the
service or application does not display in the list, you need to
define it using the Services screen (see Add Customized
Services on page 177).
Inbound Rules: All rules

Setting: Action
Description: The action for outgoing connections covered by this rule:
• BLOCK always
• BLOCK by schedule, otherwise allow
• ALLOW always
• ALLOW by schedule, otherwise block
Note: Any inbound traffic that is not blocked by rules you create
is allowed by the default rule.
Inbound Rules: All rules

Setting: Select Schedule
Description: The time schedule (that is, Schedule1, Schedule2, or
Schedule3) that is used by this rule.
• This drop-down list is activated only when BLOCK by
schedule, otherwise allow or ALLOW by schedule, otherwise
block is selected as the action.
• Use the Schedule screen to configure the time schedules
(see Set a Schedule to Block or Allow Specific Traffic on
page 189).
Inbound Rules: All rules when BLOCK by schedule, otherwise allow or
ALLOW by schedule, otherwise block is selected as the action
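
The four Action values and the Select Schedule setting from Table 34, worked through as an added Python example (this is not NETGEAR code and not output from the device). The Schedule model, its handling of a window that crosses midnight, the first-match rule order, and all sample rules are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional

@dataclass(frozen=True)
class Schedule:
    days: frozenset   # weekdays the schedule applies to, 0 = Monday
    start: time
    end: time

    def active(self, when: datetime) -> bool:
        t, day = when.time(), when.weekday()
        if self.start <= self.end:
            return day in self.days and self.start <= t < self.end
        # Assumed handling of a window that crosses midnight: the hours
        # after 00:00 belong to the day on which the window started.
        if t >= self.start:
            return day in self.days
        return t < self.end and (day - 1) % 7 in self.days

@dataclass(frozen=True)
class Rule:
    service: str
    action: str                      # one of the four Action values in Table 34
    schedule: Optional[Schedule] = None

def verdict(rule: Rule, when: datetime) -> str:
    if rule.action in ("BLOCK always", "ALLOW always"):
        return rule.action.split()[0]
    if rule.schedule is None:        # scheduled actions need Select Schedule
        raise ValueError(f"{rule.action!r} requires a schedule")
    in_window = rule.schedule.active(when)
    if rule.action == "BLOCK by schedule, otherwise allow":
        return "BLOCK" if in_window else "ALLOW"
    if rule.action == "ALLOW by schedule, otherwise block":
        return "ALLOW" if in_window else "BLOCK"
    raise ValueError(f"unknown action {rule.action!r}")

def evaluate(rules, service: str, when: datetime) -> str:
    for rule in rules:               # assumption: first matching rule decides
        if rule.service == service:
            return verdict(rule, when)
    return "DEFAULT"                 # no rule matched; the default rule applies

# Constructed sample data, not taken from the manual.
SCHEDULE1 = Schedule(frozenset(range(5)), time(8, 0), time(18, 0))   # Mon-Fri day
SCHEDULE2 = Schedule(frozenset({4}), time(22, 0), time(2, 0))        # Fri night
RULES = [Rule("HTTPS", "ALLOW by schedule, otherwise block", SCHEDULE1),
         Rule("SSH", "BLOCK by schedule, otherwise allow", SCHEDULE2),
         Rule("FTP", "BLOCK always")]
```

Evaluating a planned rule set this way at the schedule boundaries (the end minute, the hours after midnight) shows when a "by schedule" rule leaves a service reachable before the rule is entered on the Inbound Service screen.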