Dynamic defense, Table 14: firewall rule settings, Table 15: ucm6510 firewall dynamic defense – Grandstream UCM6510 User Manual User Manual

Firmware Version 1.0.2.5

UCM6510 IP PBX User Manual

Page 58 of 313

Table 14: Firewall Rule Settings

Rule Name

Specify the Firewall rule name to identify the firewall rule.

Action

Select the action for the Firewall to perform.
• ACCEPT
• REJECT
• DROP

Type

Select the traffic type.
• IN

If selected, users will need specify the network interface "LAN", "WAN" or

"Both" for the incoming traffic.

• OUT

Service

Select the service type.
• FTP
• SSH
• Telnet
• TFTP
• HTTP
• LDAP
• Custom

If selected, users will need specify Source (IP and port), Destination (IP and

port) and Protocol (TCP, UDP or Both) for the service. Please note if the

source or the destination field is left blank, it will be used as "Anywhere".

The new rule will be listed at the bottom of the page with sequence number, rule name, action, protocol,

type, source, destination and operation. Users can click on

to edit the rule, or click on

to delete

the rule. Save the change and reboot the device for the configuration to take effect.

DYNAMIC DEFENSE

Dynamic defense can blacklist hosts dynamically when the UCM6510 is set to "Route" under web

GUI->Settings->Network Settings->Basic Settings: Method. If enabled, the traffic via TCP connection

coming into the UCM6510 can be monitored, which helps prevent massive connection attempts or brute

force attacks to the device. The blacklist can be created and updated by the UCM6510 firewall, which will

then be displayed in the web page. Please refer to the following table for dynamic defense options on the

UCM6510.

Table 15: UCM6510 Firewall Dynamic Defense

Dynamic Defense

Enable

Enable dynamic defense. The default setting is disabled.