The Zones – NEXCOM IFA 1610 User Manual

Copyright © 2014 NEXCOM International Co., Ltd. All Rights Reserved.

IFA 3610/IFA 2610/IFA 1610 User Manual

Introduction: Getting Started

The Zones

One of the most important concepts on which the IFA 3610/IFA 2610/IFA 1610 appliances are grounded, the zone, has its
roots in IPCop's idea of protecting the networks it can reach by grouping them into different segments (the zones)
and allowing traffic to be exchanged only in certain directions among these segments. The four main zones are
identified by a color, and each may group together a number of servers or workstations that have the same purpose.

[Figure: diagram of the zones. Labels: Red, Green, Orange, Blue, Uplink2 (Failover), Ethernet (Static, DHCP), PPPoE, ISDN, ADSL (USB, PCI)]

Zone      Default Assignment
------    -------------------------
Red       Internet (WAN)
Green     LAN (Most Protected)
Orange    DMZ (Least Protected)
Blue      WiFi (Wireless / Hotspot)

▪ RED, the so-called untrusted segment, i.e., the WAN. It encompasses all the networks outside the IFA 3610/IFA
2610/IFA 1610 appliances or, broadly speaking, the Internet, and is the source of incoming connections. This is the
only zone that cannot be managed; only access to and from it can be granted or limited.

▪ GREEN, the internal network, i.e., the LAN. This zone is the most protected one and is dedicated to the workstations;
it should never be directly accessed from the RED zone. It is also the only zone that by default can access the
management interface.

▪ ORANGE, the DMZ. This zone should host the servers that need to access the Internet to provide services (e.g., SMTP/
POP, SVN, HTTP and so on). It is good practice for the ORANGE zone to be the only zone directly accessible from
the RED zone. Indeed, if an attacker manages to break into one of the servers, she will be trapped within the DMZ and
will not be able to reach the GREEN zone, making it impossible for her to gain sensitive information from local machines
in the GREEN zone.

▪ BLUE, the WiFi zone, i.e., the zone that should be used by wireless clients to access the Internet. Wireless networks
are often not secure, so the idea is to trap all wirelessly connected clients by default in their own zone, without
access to any other zone except RED.
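
The zone model above can be used as a checklist when reviewing a rule set. The following is an added example, not code or syntax from the NEXCOM manual or the appliance: it audits a constructed list of inter-zone allow rules and reports each one that opens a direction the text advises against. The rule format, the ANY wildcard, the MGMT label and the sample rules are assumptions made for illustration.

```python
# Added example: audit constructed inter-zone rules against the zone model above.
ZONES = ("RED", "GREEN", "ORANGE", "BLUE")
MGMT = "MGMT"  # hypothetical label for the appliance's management interface

# New-connection directions (src, dst) that the manual's text rules out.
FORBIDDEN = {
    ("RED", "GREEN"): "GREEN should never be directly accessed from RED",
    ("RED", "BLUE"): "ORANGE should be the only zone directly accessible from RED",
    ("ORANGE", "GREEN"): "a compromised DMZ server must not reach GREEN",
    ("BLUE", "GREEN"): "BLUE may reach no zone except RED",
    ("BLUE", "ORANGE"): "BLUE may reach no zone except RED",
}

def expand(zone):
    """Resolve a rule endpoint; the wildcard ANY (an assumption) means every zone."""
    if zone == "ANY":
        return ZONES
    if zone in ZONES or zone == MGMT:
        return (zone,)
    raise ValueError(f"unknown zone: {zone!r}")

def audit(rules):
    """Return (rule_number, src, dst, reason) for each allow rule that breaks the model."""
    findings = []
    for number, rule in enumerate(rules, start=1):
        # Expand first so a misspelled zone is rejected even on a deny rule.
        pairs = [(s, d) for s in expand(rule["src"]) for d in expand(rule["dst"])]
        if rule["action"] != "allow":
            continue
        for src, dst in pairs:
            if dst == MGMT and src != "GREEN":
                findings.append((number, src, dst, "only GREEN reaches management by default"))
            elif (src, dst) in FORBIDDEN:
                findings.append((number, src, dst, FORBIDDEN[(src, dst)]))
    return findings

# Constructed sample rule set (not appliance syntax).
SAMPLE_RULES = [
    {"src": "RED", "dst": "ORANGE", "service": "smtp", "action": "allow"},
    {"src": "RED", "dst": "GREEN", "service": "rdp", "action": "allow"},
    {"src": "BLUE", "dst": "RED", "service": "https", "action": "allow"},
    {"src": "BLUE", "dst": "ANY", "service": "smb", "action": "allow"},
    {"src": "ORANGE", "dst": "MGMT", "service": "https", "action": "allow"},
    {"src": "ORANGE", "dst": "GREEN", "service": "any", "action": "deny"},
]

if __name__ == "__main__":
    for number, src, dst, reason in audit(SAMPLE_RULES):
        print(f"rule {number}: {src} -> {dst}: {reason}")
```

A wildcard destination is expanded before checking, so a single broad rule from BLUE is reported once per zone it would expose.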
