Bizfon 7000 User's Guide download pdf (Page 17)

System Administration Guide Network Configuration

50 Stiles Road • Salem, NH 03079 • Toll Free 1-800-260-5793 • 603-870-9400 • www.Bizfon.com

Revised: August 5, 2005 Page 13

Notice the checkboxes for specific Bizfon services. They are convenience shortcuts to filling in the form above

them.

5.5 Network Mode: NAT/Firewall with Stealth DMZ

This mode is the same as NAT/Firewall with DMZ except that all ICMP services (echo, redirect, etc) are turned

off. This makes it more difficult for attacks from the WAN to probe the server. It also makes it more difficult for

the administrator to troubleshoot any network connectivity problems (since ping and traceroute won’t work).

5.6 Example 1: Secure Firewall

Requirements:

The Bizfon server will be used as the router between a LAN and the Internet. Protecting the LAN from the

Internet is a requirement. The server will be used as the local email server with email being sent to it from the

WAN and LAN. The server will be the LAN time server. All other WAN services will be denied.

Configuration:

1. Set the Network Mode to NAT/Firewall with Stealth DMZ. Setting it to stealth mode will reduce the ability

of Internet attacks to recognize the existence of the Bizfon server and its offered services.

2. In the Firewall section of the Network / Configuration / Modify page, change the Bizfon Services

(ports) exposed through DMZ so that only SMTP, DNS, and SNTP are checked. SMTP is required to

1 2 ... 12 13 14 15 16 17 18 19 20 21 22 ... 75 76

No comments

Bizfon 7000 User's Guide Page 17