Support User Manuals

NETGEAR UTM25EW-100NAS Router User Manual

Open as PDF

of 480

ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

Network and System Management 10-5

v1.0, September 2009

– Web object blocking. You can block the following Web component types: embedded

objects (ActiveX, Java, Flash), proxies, and cookies, and you can disable Java scripts. For

more information, see “Configuring Web Content Filtering” on page 6-23.

– Setting the size of Web files to be scanned. Scanning large Web files requires network

resources and might slow down traffic. You can specify the maximum file size that is

scanned, and if files that exceed the maximum size are skipped (which might compromise

security) or blocked. For more information, see “Configuring Web Malware Scans” on

page 6-21.

For these features (with the exception of Web object blocking and setting the size of files to be

scanned), you can set schedules to specify when Web content is filtered (see “Configuring

Web Content Filtering” on page 6-23) and configure exceptions for groups (see “Setting Web

Access Exception Rules” on page 6-41).

Source MAC Filtering

If you want to reduce outgoing traffic by preventing Internet access by certain PCs on the LAN,

you can use the source MAC filtering feature to drop the traffic received from the PCs with the

specified MAC addresses. By default, this feature is disabled; all traffic received from PCs with

any MAC address is allowed. See “Enabling Source MAC Filtering” on page 5-40 for the

procedure on how to use this feature.

Features That Increase Traffic

The following features of the UTM tend to increase the traffic load on the WAN-side:

• LAN WAN inbound rules (also referred to as port forwarding)

• DMZ WAN inbound rules (also referred to as port forwarding)

• Port triggering

• Enabling the DMZ port

• Configuring Exposed hosts

• Configuring VPN tunnels

LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding)

The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for inbound

traffic (from WAN to LAN and from WAN to the DMZ). If you have not defined any rules, only

the default rule is listed. The default rule blocks all access from outside except responses to

requests from the LAN side. Any inbound rule that you create allows additional incoming traffic

and therefore increases the traffic load on the WAN side.

previous next