Firewall Protection
ProSecure Unified Threat Management (UTM) Appliance
3. Click Apply to save your settings.
Configure Multicast Pass-Through
To configure multicast pass-through:
1. Select Network Security > Firewall > IGMP. The IGMP screen displays. (The following
figure shows one alternate network as an example.)
Table 30. Attack Checks screen settings (continued)

Setting        Description

LAN Security Checks

Block UDP flood
Select the Block UDP flood check box to prevent the UTM from accepting more than 20 simultaneous, active User Datagram Protocol (UDP) connections from a single device on the LAN. By default, the Block UDP flood check box is cleared.
A UDP flood is a form of denial of service attack that can be initiated when one device sends many UDP packets to random ports on a remote host. As a result, the distant host does the following:
1. Checks for the application listening at that port.
2. Sees that no application is listening at that port.
3. Replies with an ICMP Destination Unreachable packet.
When the victimized system is flooded, it is forced to send many ICMP packets, eventually making it unreachable by other clients. The attacker might also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach the attacker, thus making the attacker’s network location anonymous.

Disable Ping Reply on LAN Ports
Select the Disable Ping Reply on LAN Ports check box to prevent the UTM from responding to a ping on a LAN port. A ping can be used as a diagnostic tool. Keep this check box cleared unless you have a specific reason to prevent the UTM from responding to a ping on a LAN port.

VPN Pass through

IPSec, PPTP, L2TP
When the UTM functions in NAT mode, all packets going to the remote VPN gateway are first filtered through NAT and then encrypted according to the VPN policy. For example, if a VPN client or gateway on the LAN side of the UTM wants to connect to another VPN endpoint on the WAN side (placing the UTM between two VPN endpoints), encrypted packets are sent to the UTM. Because the UTM filters the encrypted packets through NAT, the packets become invalid unless you enable the VPN Pass through feature.
To enable the VPN tunnel to pass the VPN traffic without any filtering, select any or all of the following check boxes:
• IPSec. Disables NAT filtering for IPSec tunnels.
• PPTP. Disables NAT filtering for PPTP tunnels.
• L2TP. Disables NAT filtering for L2TP tunnels.
By default, all three check boxes are selected.
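
Before selecting Block UDP flood, it helps to know which LAN devices already exceed 20 simultaneous UDP connections in normal use (internal DNS resolvers and VoIP systems are typical). The following added example is not part of the original manual or the UTM firmware: it computes the peak number of concurrent UDP flows per LAN source from flow records. The record layout (source IP, protocol, start time, end time) and the sample data are assumptions, and the manual does not say how the UTM itself decides that a UDP connection is active.

```python
from collections import defaultdict

UDP_LIMIT = 20  # threshold stated in the Block UDP flood description


def peak_udp_sessions(flows):
    """Map each source IP to its peak count of simultaneously active UDP flows."""
    events = defaultdict(list)
    for src, proto, start, end in flows:
        if proto != "udp" or end <= start:
            continue  # only well-formed UDP flows count toward the limit
        events[src].append((start, 1))
        events[src].append((end, -1))
    peaks = {}
    for src, evs in events.items():
        active = peak = 0
        # Tuples sort ends (-1) before starts (+1) at equal timestamps, so a
        # flow closing exactly when another opens is not counted as overlap.
        for _, delta in sorted(evs):
            active += delta
            peak = max(peak, active)
        peaks[src] = peak
    return peaks


def hosts_over_limit(flows, limit=UDP_LIMIT):
    """LAN sources whose peak is more than the limit (exactly 20 is allowed)."""
    return sorted(ip for ip, peak in peak_udp_sessions(flows).items() if peak > limit)


def sample_flows():
    """Constructed flow records (not captured data); times are in seconds."""
    flows = []
    # 192.168.1.10: workstation with 5 overlapping DNS lookups
    flows += [("192.168.1.10", "udp", t, t + 2.0) for t in (0.0, 0.5, 1.0, 1.5, 1.9)]
    # 192.168.1.53: internal resolver with 30 upstream queries in flight at once
    flows += [("192.168.1.53", "udp", 10.0 + i * 0.01, 11.0) for i in range(30)]
    # 192.168.1.77: 40 flows, but strictly back to back (never concurrent)
    flows += [("192.168.1.77", "udp", float(i), float(i + 1)) for i in range(40)]
    # TCP flows do not count toward a UDP connection limit
    flows += [("192.168.1.10", "tcp", 0.0, 60.0)] * 25
    return flows


if __name__ == "__main__":
    for ip, peak in sorted(peak_udp_sessions(sample_flows()).items()):
        print(ip, peak, "over limit" if peak > UDP_LIMIT else "ok")
```

A host that appears in `hosts_over_limit` under normal load would have legitimate traffic dropped once the check box is selected, so review it before changing the default.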