User guide

User Guide 79

Network Settings

About configuring the optional network

The optional network is an isolated network for less secure public resources. By default, a Firebox X Edge does

not allow traffic from the optional network to get to the trusted network. The factory default settings allow

traffic that starts from the trusted network to get to the optional network, but you can restrict that traffic. For

more information, see About policies for the optional network

Because traffic that is started from the optional network is usually not allowed to the trusted network, you can

use the optional network for servers that other computers can connect to from the Internet, such as a web,

email, or FTP server. We recommend you isolate your private network from these servers because the public

can connect to them. The network you create for these public servers, separate from your private network, is

sometimes called a DMZ (de-militarized zone). If a server on the optional network is attacked from the Internet,

the attacker cannot use it to get to the computers on the trusted network. The trusted network is the most

secure location for your private network.

If your computer is on the optional network, you can connect to the Firebox X Edge system configuration

pages using the optional interface IP address. The default URL for the System Status page from the optional

network is:

https://192.168.112.1

You can use the Firebox X Edge DHCP server or you can use static IP addresses for computers on the optional

network. You also can change the IP address range of the optional network.