User guide

168 Check Point ZoneAlarm User Guide
Security Policy Implementation
The key to implementing a network security policy is to understand that a firewall is
simply a technical tool that reflects and enforces a network security policy for accessing
network resources.
A rule base is an ordered set of individual network security rules, against which each
attempted connection is checked. Each rule specifies the source, destination, service, and
action to be taken for each connection. A rule also specifies how a communication is
tracked, logged, and displayed. In other words, the rule base is the implementation of the
security policy.
Security Policy Enforcement
The ZoneAlarm router uses the unique, patented INSPECT engine to enforce the
configured security policy and to control traffic between networks. The INSPECT engine
examines all communication layers and extracts only the relevant data, enabling highly
efficient operation, support for a large number of protocols and applications, and easy
extensibility to new applications and services.
Default Security Policy
The ZoneAlarm default security policy includes the following rules:
• Access is blocked from the WAN (Internet) to the internal networks (LAN and
  WLAN).
• Access is allowed from the internal networks to the WAN, according to the
  firewall security level (Low/Medium/High).
• Access is allowed from the LAN network to the WLAN.
• If you chose “Firewall Mode” during setup, either in the ZoneAlarm Setup Wizard
  or in the Wireless Configuration Wizard:
    • Access is blocked from the WLAN to the LAN.
    • HTTP access to the ZoneAlarm Portal (my.firewall and my.vpn) is allowed
      from the LAN, but not from the WLAN. You can allow HTTP access from
      the WLAN, by creating a specific user-defined firewall rule.
• When using the print server function (see Using Network Printers on page 367),
  access from internal networks to connected network printers is allowed.
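
The ordered rule base and the default policy above can be modeled in a few lines. This is an added example, not code from the ZoneAlarm product or guide. It assumes that the first matching rule decides, that an unmatched connection is blocked, and that user-defined rules are checked before the defaults; the zone name PORTAL and all function names are hypothetical.

```python
from dataclasses import dataclass

ANY = "*"  # wildcard for a rule field

@dataclass(frozen=True)
class Rule:
    src: str      # source zone: "WAN", "LAN" or "WLAN"
    dst: str      # destination zone; "PORTAL" stands for my.firewall / my.vpn
    service: str  # service name such as "http", or ANY
    action: str   # "allow" or "block"

    def fields(self):
        return (self.src, self.dst, self.service)

def covers(rule, fields):
    """True if every field of `rule` is ANY or equals the corresponding field."""
    return all(want in (ANY, got) for want, got in zip(rule.fields(), fields))

# Constructed model of the default policy with "Firewall Mode" selected.
# Outbound rules ignore the Low/Medium/High level; printer access is not modeled.
DEFAULT_POLICY = [
    Rule("LAN", "PORTAL", "http", "allow"),
    Rule("WLAN", "PORTAL", "http", "block"),
    Rule("WAN", "LAN", ANY, "block"),
    Rule("WAN", "WLAN", ANY, "block"),
    Rule("LAN", "WAN", ANY, "allow"),
    Rule("WLAN", "WAN", ANY, "allow"),
    Rule("LAN", "WLAN", ANY, "allow"),
    Rule("WLAN", "LAN", ANY, "block"),
]

def evaluate(rule_base, src, dst, service):
    """Return (action, index of deciding rule); first match wins (assumption)."""
    for index, rule in enumerate(rule_base):
        if covers(rule, (src, dst, service)):
            return rule.action, index
    return "block", None  # implicit block when nothing matches (assumption)

def shadowed(rule_base):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [i for i, rule in enumerate(rule_base)
            if any(covers(earlier, rule.fields()) for earlier in rule_base[:i])]

if __name__ == "__main__":
    # Hypothetical user-defined rule allowing portal access from the WLAN.
    user_rule = Rule("WLAN", "PORTAL", "http", "allow")
    print(evaluate(DEFAULT_POLICY, "WLAN", "PORTAL", "http"))
    print(evaluate([user_rule] + DEFAULT_POLICY, "WLAN", "PORTAL", "http"))
    print(shadowed(DEFAULT_POLICY + [user_rule]))
```

Running shadowed() over a rule base after each change shows which rules have no effect because of their position, such as a user-defined allow rule placed after the default block it was meant to override.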