Firewall Protection
128
ProSecure Unified Threat Management (UTM) Appliance
Administrator Tips
Consider the following operational items:
1. As an option, you can enable remote management if you have to manage distant sites
from a central location (see Configure Authentication Domains, Groups, and Users on
page 380 and Configure Remote Management Access on page 438).
2. Although rules are the basic way of managing the traffic through your system (see Overview
of Rules to Block or Allow Specific Kinds of Traffic on page 128), you can further refine your
control using the following features and capabilities of the UTM:
- Groups and hosts (see Manage Groups and Hosts (LAN Groups) on page 111)
- Services (see Outbound Rules (Service Blocking) on page 129)
- Schedules (see Set a Schedule to Block or Allow Specific Traffic on page 177)
- Allow or block sites and applications (see Set Exception Rules for Web and
Application Access on page 248)
- Source MAC filtering (see Enable Source MAC Filtering on page 179)
- Port triggering (see Configure Port Triggering on page 183)
3. Content filtering is a firewall component. The UTM provides such extensive content-filtering
options that an entire chapter is dedicated to this subject; see Chapter 6, Content Filtering
and Optimizing Scans.
4. Some firewall settings might affect the performance of the UTM. For more information, see
Performance Management on page 428.
5. You can monitor blocked content and malware threats in real time. For more information,
see Monitor Real-Time Traffic, Security, and Statistics on page 477.
6. The firewall logs can be configured to log and then email denial of access, general attack,
and other information to a specified email address. For information about how to configure
logging and notifications, see Configure Logging, Alerts, and Event Notifications on
page 466.
Overview of Rules to Block or Allow Specific Kinds of
Traffic
• Outbound Rules (Service Blocking)
• Inbound Rules (Port Forwarding)
• Order of Precedence for Rules
Firewall rules are used to block or allow specific traffic passing through from one side to the
other. You can configure up to 800 rules on the UTM. Inbound rules (WAN to LAN) restrict
access by outsiders to private resources, selectively allowing only specific outside users to
access specific resources. Outbound rules (LAN to WAN) determine what outside resources
local users can have access to.