Quick Reference Guide
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
Firewall Security and Content Filtering 5-19
v1.0, January 2010
Creating Services, QoS Profiles, and Bandwidth Profiles
When you create inbound and outbound firewall rules, you use firewall objects such as services,
QoS profiles, bandwidth profiles, and schedules to narrow down the firewall rules:
• Services. A service narrows down the firewall rule to an application and a port number. For
information about adding services, see “Adding Customized Services” on page 5-19.
• QoS profiles. A quality of service (QoS) profile defines the relative priority of an IP packet
for traffic that matches the firewall rule. For information about creating QoS profiles, see
“Setting Quality of Service (QoS) Priorities” on page 5-21.
• Bandwidth profiles. A bandwidth profile allocates and limits traffic bandwidth for the LAN
users to which a firewall rule is applied. For information about creating bandwidth profiles,
see “Creating Bandwidth Profiles” on page 5-21.
Adding Customized Services
Services are functions performed by server computers at the request of client computers. For
example, Web servers serve Web pages, time servers serve time and date information, and game
hosts serve data about other players’ moves. When a computer on the Internet sends a request for
service to a server computer, the requested service is identified by a service or port number. This
number appears as the destination port number in the transmitted IP packets. For example, a packet
that is sent with destination port number 80 is an HTTP (Web server) request.
The service numbers for many common protocols are defined by the Internet Engineering Task
Force (IETF) and published in RFC 1700, “Assigned Numbers.” Service numbers for other
applications are typically chosen from the range 1024 to 65535 by the authors of the application.
Although the VPN firewall already holds a list of many service port numbers, you are not limited
to these choices. Use the Services screen to add services and applications to the list for
use in defining firewall rules. The Services screen shows a list of services that you have defined, as
shown in Figure 5-11 on page 5-20.
To define a new service, first you must determine which port number or range of numbers is used
by the application. This information can usually be determined by contacting the publisher of the
application or from user groups or newsgroups. When you have the port number information, you
can enter it on the Services screen.
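The following added example (not part of the manual and not NETGEAR code) shows how a service definition maps to traffic: it reads the destination port from a raw IPv4 packet and matches it against a service table of single ports and port ranges. The service names, the 27000 to 27015 range, the addresses, and matching on the transport protocol as well as the port are assumptions made for illustration.

```python
import struct

# Hypothetical service table: name -> (IP protocol number, start port, finish port).
# "ExampleGame" and its port range are constructed for illustration.
SERVICES = {
    "HTTP": (6, 80, 80),                 # TCP
    "DNS": (17, 53, 53),                 # UDP
    "ExampleGame": (17, 27000, 27015),   # UDP, custom range
}

def destination_port(packet: bytes):
    """Return (protocol, dest_port) for an IPv4 TCP/UDP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]
    if ihl < 20 or proto not in (6, 17) or len(packet) < ihl + 4:
        return None
    # Non-first fragments carry no transport header, so no port can be read.
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if frag_offset:
        return None
    _src, dst = struct.unpack("!HH", packet[ihl:ihl + 4])
    return proto, dst

def match_service(packet: bytes):
    """Name of the first service whose protocol and port range match, or None."""
    parsed = destination_port(packet)
    if parsed is None:
        return None
    proto, dst = parsed
    for name, (svc_proto, start, finish) in SERVICES.items():
        if proto == svc_proto and start <= dst <= finish:
            return name
    return None

def build_packet(proto: int, dst_port: int, options: bytes = b"") -> bytes:
    """Construct a minimal sample IPv4 packet (checksums left at zero)."""
    ihl_words = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0, 0, 0, 0,
                         64, proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return header + options + struct.pack("!HH", 49152, dst_port) + b"\x00" * 4

if __name__ == "__main__":
    for pkt in (build_packet(6, 80), build_packet(17, 27005), build_packet(6, 27005)):
        print(match_service(pkt))
```

The third sample packet uses a port inside the custom range but the wrong protocol, so it matches no service.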
Note: A schedule narrows down the period during which a firewall rule is applied. For
information about specifying schedules, see “Setting Schedules to Block or Allow
Specific Traffic” on page 5-24.