Instruction Manual
4.3.4 Firewall
Firewall and Access Control
Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet
access from your LAN, as well as helping to prevent attacks from hackers. In addition to this,
when using NAT (Network Address Translation) the router acts as a “natural” Internet
firewall, since all PCs on your LAN use private IP addresses that cannot be directly
accessed from the Internet. See the WAN configuration section for more details on NAT.
Firewall: Prevents access from outside your network. The router provides three levels of
security support:
NAT natural firewall: This masks LAN users’ IP addresses, which are invisible to outside
users on the Internet, making it much more difficult for a hacker to target a machine on your
network. This natural firewall is on when the NAT function is enabled.
When using Virtual Servers (port forwarding) your PCs are exposed to the
degree specified in your Virtual Server settings provided the ports specified
are opened in your firewall packet filter settings.
Firewall Security and Policy (General Settings): Inbound direction of Packet Filter rules
prevent unauthorized computers or applications accessing your local network from the
Internet.
Intrusion Detection: Enable Intrusion Detection to detect, prevent, and log malicious
attacks.
MAC Filter rules: Prevents unauthorized computers accessing the Internet.
URL Filter: Blocks PCs on your local network from unwanted websites.
A detailed explanation of each of the following five items appears in the Firewall section
below: Packet Filter, MAC Address Filter, Intrusion detection, Block WAN Request and
URL Filter.
51