NETGEAR STM150EW-100NAS Router User Manual


 
LAN Configuration
117
ProSecure Unified Threat Management (UTM) Appliance
Configure and Enable the DMZ Port
The demilitarized zone (DMZ) is a network that, by default, has fewer firewall restrictions than
the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or email
server) and provide public access to them. The rightmost LAN port on the UTM can be
dedicated as a hardware DMZ port to provide services to the Internet safely without
compromising security on your LAN. On the UTM5, UTM10, UTM25, and UTM150, this is
LAN port 4; on the UTM50, this is LAN port 6.
By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling
the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN
ports.
Using a DMZ port is also helpful with online games and videoconferencing applications that
are incompatible with NAT. The UTM is programmed to recognize some of these applications
and to work correctly with them, but there are other applications that might not function well.
In some cases, local computers can run the application correctly if those computers are used
on the DMZ port.
Note: A separate firewall security profile is provided for the DMZ port that
is also physically independent of the standard firewall security
component that is used for the LAN.
The DMZ Setup screen lets you set up the DMZ port. It permits you to enable or disable the
hardware DMZ port (LAN port 4 or LAN port 6; see Front Panel UTM5 and UTM10 on
page 25) and configure an IP address and subnet mask for the DMZ port.
To enable and configure the DMZ port:
1. Select Network Config > DMZ Setup. The DMZ Setup screen displays: