Home > SMC Networks > Router > SMC Networks Router SMCWBR14T User Manual

SMC Networks Router SMCWBR14T User Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual SMC Networks Router SMCWBR14T User Manual. The SMC Networks manuals for Router are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 81

    Page 81 SECURITY 4-33 MAC Filter Use this page to block access to your network using MAC addresses. The Barricade can also limit the access of hosts within the local area network (LAN). The MAC Filtering Table allows the Barricade to enter up to 32 MAC addresses that are allowed access to the WAN port. All other devices will be denied access. By default, this feature is disabled. Click Save Settings to proceed, or Cancel to change your settings. 
    SECURITY
4-33
MAC Filter
Use this page to block access to your network using MAC addresses.
 
The Barricade can also limit the access of hosts within the local area 
network (LAN). The MAC Filtering Table allows the Barricade to enter up 
to 32 MAC addresses that are allowed access to the WAN port. All other 
devices will be denied access. By default, this feature is disabled.
Click Save Settings to proceed, or Cancel to change your settings.

    Page 82

    Page 82 CONFIGURING THE BAR RICADE 4-34 Parental Control The Barricade allows the user to block access to web sites from a particular PC by entering either a full URL address or just a keyword. This feature can be used to protect children from accessing violent or pornographic web sites. You can define up to 30 sites or keywords here. To configure the Parental Control feature, use the table to specify the web sites (www.somesite.com) and/or keywords you want to block on your network. To complete this... 
    CONFIGURING THE BAR RICADE
4-34
Parental Control
The Barricade allows the user to block access to web sites from a particular 
PC by entering either a full URL address or just a keyword. This feature 
can be used to protect children from accessing violent or pornographic 
web sites.
You can define up to 30 sites or keywords here. To configure the Parental 
Control feature, use the table to specify the web sites (www.somesite.com) 
and/or keywords you want to block on your network.
To complete this...

    Page 83

    Page 83 SECURITY 4-35 Intrusion Detection The Barricade’s firewall inspects packets at the application layer, maintains TCP and UDP session information including timeouts and number of active sessions, and provides the ability to detect and prevent certain types of network attacks such as Denial-of-Service (DoS) attacks. 
    SECURITY
4-35
Intrusion Detection
The Barricade’s firewall inspects packets at the application layer, maintains 
TCP and UDP session information including timeouts and number of 
active sessions, and provides the ability to detect and prevent certain types 
of network attacks such as Denial-of-Service (DoS) attacks.

    Page 84

    Page 84 CONFIGURING THE BAR RICADE 4-36 Network attacks that deny access to a network device are called DoS attacks. DoS attacks are aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources. The Barricade protects against DoS attacks including: Ping of Death (Ping flood) attack, SYN flood attack, IP fragment attack (Teardrop Attack), Brute-force attack, Land Attack, IP... 
    CONFIGURING THE BAR RICADE
4-36
Network attacks that deny access to a network device are called DoS 
attacks. DoS attacks are aimed at devices and networks with a connection 
to the Internet. Their goal is not to steal information, but to disable a 
device or network so users no longer have access to network resources.
The Barricade protects against DoS attacks including: Ping of Death (Ping 
flood) attack, SYN flood attack, IP fragment attack (Teardrop Attack), 
Brute-force attack, Land Attack, IP...

    Page 85

    Page 85 SECURITY 4-37 The table below lists the Intrusion Detection parameters and their descriptions. Parameter Defaults Description Intrusion Detection Feature SPI and Anti-DoS firewall protectionNo The Intrusion Detection feature of the Barricade limits the access of incoming traffic at the WAN port. When the Stateful Packet Inspection (SPI) feature is turned on, all incoming packets are blocked except those types marked with a check in the SPI section at the top of the screen. RIP Defect Disabled If... 
    SECURITY
4-37
The table below lists the Intrusion Detection parameters and their 
descriptions.
Parameter Defaults Description
Intrusion Detection 
Feature
SPI and Anti-DoS 
firewall protectionNo The Intrusion Detection feature of the Barricade 
limits the access of incoming traffic at the WAN 
port. When the Stateful Packet Inspection (SPI) 
feature is turned on, all incoming packets are 
blocked except those types marked with a check in 
the SPI section at the top of the screen. 
RIP Defect Disabled If...

    Page 86

    Page 86 CONFIGURING THE BAR RICADE 4-38 Stateful Packet InspectionThis option allows you to select different application types that are using dynamic port numbers. If you wish to use Stateful Packet Inspection (SPI) for blocking packets, click on the Yes radio button in the “Enable SPI and Anti-DoS firewall protection” field and then check the inspection type that you need, such as Packet Fragmentation, TCP Connection, UDP Session, FTP Service and TFTP Service. It is called a “stateful” packet... 
    CONFIGURING THE BAR RICADE
4-38
Stateful Packet 
InspectionThis option allows you to select different 
application types that are using dynamic port 
numbers. If you wish to use Stateful Packet 
Inspection (SPI) for blocking packets, click on the 
Yes radio button in the “Enable SPI and Anti-DoS 
firewall protection” field and then check the 
inspection type that you need, such as Packet 
Fragmentation, TCP Connection, UDP Session, 
FTP Service and TFTP Service.
It is called a “stateful” packet...

    Page 87

    Page 87 SECURITY 4-39 Password Enter your email account password. Connection Policy Fragmentation half-open wait10 secs Configures the number of seconds that a packet state structure remains active. When the timeout value expires, the router drops the unassembled packet, freeing that structure for use by another packet. TCP SYN wait 30 secs Defines how long the software will wait for a TCP session to reach an established state before dropping the session. TCP FIN wait 5 secs Specifies how long a TCP... 
    SECURITY
4-39
Password Enter your email account password.
Connection Policy
Fragmentation 
half-open wait10 secs Configures the number of seconds that a packet 
state structure remains active. When the timeout 
value expires, the router drops the unassembled 
packet, freeing that structure for use by another 
packet. 
TCP SYN  wait 30  secs Defines how long the software will wait for a TCP 
session to reach an established state before 
dropping the session. 
TCP FIN wait 5  secs Specifies how long a TCP...

    Page 88

    Page 88 CONFIGURING THE BAR RICADE 4-40 Note:We do not recommend modifying the default parameters shown above. Click Save Settings to proceed, or Cancel to change your settings. Incomplete TCP/UDP sessions detect sensitive time period300 msecs Length of time before an incomplete TCP/UDP session is detected as incomplete. Maximum half-open fragmentation packet number from same host30 sessionsMaximum number of half-open fragmentation packets from the same host. Half-open fragmentation detect... 
    CONFIGURING THE BAR RICADE
4-40
Note:We do not recommend modifying the default parameters shown 
above.
Click Save Settings to proceed, or Cancel to change your settings.
Incomplete 
TCP/UDP 
sessions detect 
sensitive time 
period300 msecs Length of time before an incomplete TCP/UDP 
session is detected as incomplete.
Maximum 
half-open 
fragmentation 
packet 
number from 
same host30 
sessionsMaximum number of half-open fragmentation 
packets from the same host.
Half-open 
fragmentation 
detect...

    Page 89

    Page 89 SECURITY 4-41 DMZ If you have a client PC that cannot run an Internet application properly from behind the firewall, you can open the client up to unrestricted two-way Internet access. Enter the IP address of a DMZ (Demilitarized Zone) host on this screen. Adding a client to the DMZ may expose your local network to a variety of security risks, so only use this option as a last resort. 
    SECURITY
4-41
DMZ
If you have a client PC that cannot run an Internet application properly 
from behind the firewall, you can open the client up to unrestricted 
two-way Internet access. Enter the IP address of a DMZ (Demilitarized 
Zone) host on this screen. Adding a client to the DMZ may expose 
your local network to a variety of security risks, so only use this option 
as a last resort.

    Page 90

    Page 90 CONFIGURING THE BAR RICADE 4-42 Wireless The Barricade can be quickly configured for roaming clients by setting the Service Set Identifier (SSID) and channel number. It supports data encryption and client filtering. To use the wireless feature, check the Enable check box and click Save Settings. To begin configuring your wireless security settings, click Wireless Encryption. 
    CONFIGURING THE BAR RICADE
4-42
Wireless
The Barricade can be quickly configured for roaming clients by setting the 
Service Set Identifier (SSID) and channel number. It supports data 
encryption and client filtering.
To use the wireless feature, check the Enable check box and click Save 
Settings.
To begin configuring your wireless security settings, click Wireless 
Encryption.
    Start reading SMC Networks Router SMCWBR14T User Manual

    Related Manuals for SMC Networks Router SMCWBR14T User Manual

    All SMC Networks manuals