Firewall rules, Dmz host, Firewall settings – D-Link DIR-120 User Manual

DIR-120 Ethernet Broadband Router

D-Link DIR-120 User Manual

46

Firewall Settings menu

Firewall Rules

To configure rules for the firewall, modify the following fields and click the Save Settings button at the top of the window to set the rule in the Routers memory. Newly
configured firewall rules will be displayed in the Firewall Rules List at the bottom of the window.

Firewall Settings

The DIR-120 Broadband Router comes equipped with a firewall. This configuration window allows the
Router to enforce specific predefined policies intended to protect against certain common types of
attacks. To configure the Router’s firewall, click the Advanced tab at the top of the window and then
the Firewall Settings tab to the left.
Stateful Packet Inspection (SPI) is a type of firewall that protects your network against hacker attacks
by analyzing packets to ensure that only authorized packets will be allowed to enter your network. To
enable this function, tick the Enable SPI checkbox.
A DoS "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent
legitimate users of a service from using that service. Examples include: attempts to "flood" a network,
thereby preventing legitimate network traffic, attempts to disrupt connections between two machines,
thereby preventing access to a service, attempts to prevent a particular individual from accessing a
service, or, attempts to disrupt service to a specific system or person. To enable this function, tick the
Enable DoS Prevention checkbox.

DMZ Host

Firewalls may conflict with certain interactive applications such as video conferencing or playing
Internet video games. For these applications, a firewall bypass can be set up using a DMZ IP address.
The DMZ IP address is a “visible” address and does not benefit from the full protection of the firewall
function. Therefore it is advisable that other security precautions be enabled to protect the other
computers and devices on the LAN. It may be wise to use isolate the device with the DMZ IP address
from the rest of the LAN.
For example, if you want to use video conferencing and still use a firewall, you can use the DMZ IP
address function. In this case, you must have a PC or server through which video conferencing will
take place. The IP address of this PC or server will then be the DMZ IP address. You can designate the
server’s IP address as the DMZ by typing in the IP address in the DMZ IP Address space provided
and then enabling its status by ticking the Enable DMZ Host checkbox. Click the Save Settings
button at the top of the window when you are finished.