Firewall Protection
ProSecure Unified Threat Management (UTM) Appliance
A firewall has two default rules, one for inbound traffic and one for outbound. The default
rules of the UTM are:
• Inbound. Block all access from outside except responses to requests from the LAN side.
• Outbound. Allow all access from the LAN side to the outside.
The firewall rules for blocking and allowing traffic on the UTM can be applied to LAN WAN
traffic, DMZ WAN traffic, and LAN DMZ traffic.
The rules to block traffic are based on the traffic’s category of service:
• Outbound rules (service blocking). Outbound traffic is usually allowed unless the
firewall is configured to disallow it.
• Inbound rules (port forwarding). Inbound traffic is usually blocked by the firewall unless
the traffic is in response to a request from the LAN side. The firewall can be configured to
allow this otherwise blocked traffic.
• Customized services. Additional services can be added to the list of services in the
factory defaults list. These added services can then have rules defined for them to either
allow or block that traffic (see Add Customized Services on page 163).
• Quality of Service (QoS) priorities. Each service has its own native priority that impacts
its quality of performance and tolerance for jitter or delays. You can change the QoS
priority, which changes the traffic mix through the system (see Create Quality of Service
Profiles on page 169).
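The default rules and the two rule types above can be modeled in a few lines. This is an added example, not NETGEAR code or the UTM's implementation; the class and function names, the addresses, and the ports are constructed for illustration, and NAT is ignored.

```python
# Toy model of the default policy: outbound allowed, inbound blocked
# unless it answers a LAN request. All names and addresses are constructed.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

@dataclass
class Firewall:
    blocked_services: set = field(default_factory=set)  # outbound rules: (proto, dport)
    port_forwards: set = field(default_factory=set)     # inbound rules: (proto, dport)
    sessions: set = field(default_factory=set)          # state for LAN-initiated flows

    def outbound(self, p: Packet) -> bool:
        """LAN to WAN: allowed unless a service-blocking rule matches."""
        if (p.proto, p.dport) in self.blocked_services:
            return False
        # Record the flow so its reply passes the inbound default.
        self.sessions.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return True

    def inbound(self, p: Packet) -> bool:
        """WAN to LAN: blocked unless it is a reply or a port-forwarding rule matches."""
        if (p.proto, p.dst, p.dport, p.src, p.sport) in self.sessions:
            return True
        return (p.proto, p.dport) in self.port_forwards

def demo():
    fw = Firewall()
    lan, web = "192.168.1.10", "203.0.113.5"
    out = [fw.outbound(Packet(lan, 40000, web, 443)),   # default outbound allow
           fw.inbound(Packet(web, 443, lan, 40000)),    # reply to a LAN request
           fw.inbound(Packet(web, 443, lan, 40001))]    # unsolicited: default block
    fw.blocked_services.add(("tcp", 25))                # outbound rule (service blocking)
    out.append(fw.outbound(Packet(lan, 40002, web, 25)))
    out.append(fw.inbound(Packet(web, 25, lan, 40002)))  # no session was recorded
    fw.port_forwards.add(("tcp", 8080))                 # inbound rule (port forwarding)
    out.append(fw.inbound(Packet("198.51.100.7", 5555, lan, 8080)))
    return out

if __name__ == "__main__":
    print(demo())
```

The blocked outbound request leaves no session behind, so a later packet shaped like its reply is still dropped by the inbound default.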
Outbound Rules (Service Blocking)
The UTM allows you to block the use of certain Internet services by computers on your
network. This is called service blocking or port filtering.
Note: See Enable Source MAC Filtering on page 179 for yet another way
to block outbound traffic from selected computers that would
otherwise be allowed by the firewall.
Table 26. Number of supported firewall rule configurations

Traffic rule   Maximum number of   Maximum number of   Maximum number of
               outbound rules      inbound rules       supported rules
LAN WAN        300                 300                 600
DMZ WAN        50                  50                  100
LAN DMZ        50                  50                  100
Total Rules    400                 400                 800