MSM7xx Controllers Configuration Guide v6.4.0
18 Security
Firewall
To safeguard your network from intruders, the controller features a customizable stateful firewall.
The firewall operates on the traffic streaming through the Internet port. It can be used to control
both incoming and outgoing data.
A number of predefined firewall rules let you achieve the security level you need without going to
the trouble of designing your own rules. However, you can create a completely custom set of
firewall rules to suit your particular networking requirements, if necessary.
If the controller is connected to a wired LAN, the firewall protects the wired LAN as well.
syn attack
telnet
ftp
Hacker
Integrated
firewall
P
U
B
L
I
C
W
L
A
N
P
U
B
L
I
C
W
L
A
N
broadband
modem
Ethernet LAN
AP
Controller
AP
Firewall presets
The easiest way to use the firewall is to use one of the preset settings. Two levels of security are
provided:
• High: Permits all outgoing traffic, except NetBIOS (TCP and UDP). Blocks all externally initiated
connections.
• Low: Permits all incoming and outgoing traffic, except for NetBIOS traffic. Use this option if
you require active FTP sessions.
The following tables indicate how some common applications are affected by the preset firewall
settings.
Firewall settingOutgoing traffic
HighLowApplication
PassedFTP (passive mode)
PassedFTP (active mode)
PassedWeb (HTTP, HTTPS)
PassedSNMP
PassedTelnet
BlockedWindows networking
Passedping
PassedPPTP from client station to remote
server
PassedNetMeeting (make call)
374 Security