User guide

140 Check Point ZoneAlarm User Guide
If a host with an IP address outside of the allowed IP address range tries to connect from the LAN network segment, the connection will be blocked and logged as “Spoofed IP”.

If a host with an IP address within the bridge IP address range tries to connect from a network segment other than the LAN segment, the connection will be blocked and logged as “Spoofed IP”.
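
The two anti-spoofing rules above, written out as an added example (this is not Check Point code). It generalizes them to more than one bridged segment, assuming each bridged segment has its own allowed range inside the bridge range; the range values, the segment names (including "DMZ") and the function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class IPRange:
    first: ipaddress.IPv4Address
    last: ipaddress.IPv4Address

    @classmethod
    def parse(cls, text):
        """Parse 'a.b.c.d-a.b.c.e' into an inclusive range."""
        lo, hi = (ipaddress.IPv4Address(p.strip()) for p in text.split("-"))
        if lo > hi:
            raise ValueError(f"range start is above range end: {text}")
        return cls(lo, hi)

    def __contains__(self, ip):
        return self.first <= ip <= self.last


# Constructed sample configuration (assumed values, not from the guide).
BRIDGE_RANGE = IPRange.parse("192.168.10.1-192.168.10.254")
ALLOWED = {
    "LAN": IPRange.parse("192.168.10.1-192.168.10.100"),
    "WLAN": IPRange.parse("192.168.10.101-192.168.10.200"),
}


def check_source(src, segment, bridge_range=BRIDGE_RANGE, allowed=ALLOWED):
    """Return 'Spoofed IP' if the connection would be blocked, else 'accept'."""
    ip = ipaddress.IPv4Address(src)  # raises ValueError on a malformed address
    own_range = allowed.get(segment)
    if own_range is not None:
        # Bridged segment: the source must sit inside that segment's allowed range.
        return "accept" if ip in own_range else "Spoofed IP"
    # Any other segment: a source claiming a bridge address is spoofed.
    return "Spoofed IP" if ip in bridge_range else "accept"


def blocked(connections):
    """Filter (source IP, ingress segment) pairs down to the blocked ones."""
    return [c for c in connections if check_source(*c) == "Spoofed IP"]


# Constructed sample connections: (source IP, segment the packet arrived on).
SAMPLE = [("192.168.10.50", "LAN"), ("192.168.10.150", "LAN"),
          ("192.168.10.50", "WLAN"), ("192.168.10.50", "DMZ"),
          ("172.16.0.9", "DMZ")]

if __name__ == "__main__":
    for src, seg in blocked(SAMPLE):
        print(f"blocked {src} on {seg}: Spoofed IP")
```

An address outside the bridge range that arrives on a non-bridged segment is returned as "accept" only in the sense that this particular check does not apply to it.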
Multiple Bridges and Spanning Tree Protocol
When using multiple bridges, you can enable fault tolerance and optimal packet routing by configuring Spanning Tree Protocol (STP - IEEE 802.1d). When STP is enabled, each bridge communicates with its neighboring bridges or switches to discover how they are interconnected. This information is then used to eliminate loops while providing optimal routing of packets. STP also uses this information to provide fault tolerance, by recomputing the topology in the event that a bridge or a network link fails.
Note: The ZoneAlarm router license allows configuring one bridge; however, STP
can be used in situations where multiple bridge devices exist on the same network.
Workflow
To use a bridge
1. Add a bridge.
See Adding and Editing Bridges on page 141.
2. Add the LAN and WLAN networks to the bridge.
See Adding Internal Networks to Bridges on page 145.
3. If you enabled the firewall between networks on this bridge, add security rules and VStream Antivirus rules as needed.
For information on adding security rules, see Adding and Editing Rules on page 176.
For information on adding VStream Antivirus rules, see Adding and Editing VStream Antivirus Rules on page 252.