NETGEAR SRX5308-100NAS Switch User Manual


 
Firewall Protection
139
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Note: Some residential broadband ISP accounts do not allow you to run
any server processes (such as a web or FTP server) from your
location. Your ISP might periodically check for servers and might
suspend your account if it discovers any active servers at your
location. If you are unsure, see the acceptable use policy of your ISP.
Order of Precedence for Rules
As you define a new rule, it is added to a table in a Rules screen as the last item in the list, as
shown in the following figure, which shows the LAN WAN Rules screen for IPv4 as an
example:
QoS Profile The priority assigned to IP packets of this service. The priorities
are defined by Type of Service in the Internet Protocol Suite
standards, RFC 1349. The QoS profile determines the priority of
a service, which, in turn, determines the quality of that service for
the traffic passing through the firewall.
The VPN firewall marks the Type of Service (ToS) field as
define
d in the QoS profiles that you create. For more information,
see Create Quality of Service Profiles for IPv4 Firewall Rules on
page 179.
Note: T
here are no default QoS profiles on the VPN firewall.
After you have created a QoS profile, it can become active only
when you apply it to a nonblocking inbound or outbound firewall
rule.
Note: QoS profiles do not apply to LAN DMZ rules.
IPv4 LAN WAN rules
IPv4 DMZ WAN rules
Log The setting that determines whether packets covered by this rule
are log
ged. The options are:
Always.
Always log traffic that matches this rule. This is useful
when you are debugging your rules.
Neve
r. Never log traffic that matches this rule.
All rules
Bandwidth Profile Bandwidth limiting determines how the data is sent to and from
your host. The purpose of bandwidth limiting is to provide a
solution for limiting the outgoing and incoming traffic, thus
preventing the LAN users from consuming all the bandwidth of
the Internet link. For more information, see Create Bandwidth
Profiles on p
age 176. For inbound traffic, you can configure
bandwidth limiting only on the LAN interface for a LAN WAN rule.
Note: Ban
dwidth limiting does not apply to the DMZ interface.
IPv4 LAN WAN rules
Table 33. Inbound rules overview (continued)
Setting Description Inbound Rules