ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
6-4 VPN Firewall and Network Management
v1.1, August 2010
• Keyword (and Domain Name) Blocking. You can specify up to 32 words that, should they
appear in the website name (that is, URL) or in a newsgroup name, will cause that site or
newsgroup to be blocked by the VPN firewall.
You can apply the keywords to one or more groups. Requests from the PCs in the groups for
which keyword blocking has been enabled will be blocked. Blocking does not occur for the
PCs that are in the groups for which keyword blocking has not been enabled.
You can bypass keyword blocking for trusted domains by adding the exact matching domain
to the list of Trusted Domains. Access to the domains on this list by PCs even in the groups for
which keyword blocking has been enabled will still be allowed without any blocking.
• Web Component blocking. You can block the following Web component types: Proxy, Java,
ActiveX, and Cookies. Sites on the Trusted Domains list are still subject to Web component
blocking when the blocking of a particular Web component has been enabled.
See “Blocking Internet Sites (Content Filtering)” on page 4-30 for the procedure on how to use
this feature.
Source MAC Filtering
If you want to reduce outgoing traffic by preventing Internet access by certain PCs on the LAN,
you can use the source MAC filtering feature to drop the traffic received from the PCs with the
specified MAC addresses. By default, this feature is disabled; all traffic received from PCs with
any MAC address is allowed.
See “Configuring Source MAC Filtering” on page 4-33 for the procedure on how to use this
feature.
VPN Firewall Features That Increase Traffic
The following features of the VPN firewall tend to increase the traffic load on the WAN-side:
• LAN WAN inbound rules (also referred to as port forwarding)
• DMZ WAN inbound rules (also referred to as port forwarding)
• Port triggering
• Enabling the DMZ port
• Configuring Exposed hosts
• Configuring VPN tunnels