In the Advanced Security SettingsSecurity settings are applied at lower layer, which is the levelso that there is a general basis on almost all types of AP. Next we willstudy the security settings on a higher layer.
Figure 13:18 Setting Security - Firewall in AP
FirewallIn this setting, there are 4 options:a. Block Anonymous Internet RequestsWhen activated, we can protect our network from detection, whichusually use the "ping". This feature also hides the portsour network, so that complicates the user from outside the network toaccess our local network.
a. IPSec passthrough - Allow IPSec trafficb. PPTP passthrough - Allow PPTP traffic (this is used by Windows VPN)c. L2TP passthrough - Allow L2TP traffic
3.8 Setting Access Restrictions
Figure 13:20 Setting the AP Access Restriction
These settings work on to restrict Internet access based on several parameters:1. List of PC (User)2. Day3. Time / Hours4. Service5. Block Website (based on URL or by keyword)
In the "Internet Access Policy" we can make a maximum of 10 policies, and wecan see the "Summary" or summary of the relevant policies.
Kinds of service provided byAP is DNS, Ping,HTTP, HTTPS, FTP, POP3, IMAP,SMTP, NNTP, Telnet, SNMP, TFTP,and IKE. Service was on-setbased on protocol and portused. To change oradd a specific service, candone by click on "Add / EditService "as shown inside.
Suppose we create a policy as follows:• The policy called "common", whereby a user with the IP 192.168.1.2 to192.168.1.254 will be allowed to access the course of an hour Monday06:00 to 10:00 am• Site should not be accessed www.asem.com• Sites with the keyword "porn", "sex", "warez" should not be accessed• Service "Ping" blockedd. Filter IDENT (port 113)Prevent attacks from outside through the Internet port 113. However, someapplication requires this port.VPN (Virtual Private Network)Setting VPN allows the passage of VPN traffic through our AP router.In this setting there are 3 options:c. Filter Internet NAT RedirectionThis feature uses Port Forwarding to prevent access tolocal server from other local computers.b. Multicast FilterEnable this feature if we do not want to receive multicast trafficsometimes delivered by other networks.
Figure 13:18 Setting Security - Firewall in AP
FirewallIn this setting, there are 4 options:a. Block Anonymous Internet RequestsWhen activated, we can protect our network from detection, whichusually use the "ping". This feature also hides the portsour network, so that complicates the user from outside the network toaccess our local network.
a. IPSec passthrough - Allow IPSec trafficb. PPTP passthrough - Allow PPTP traffic (this is used by Windows VPN)c. L2TP passthrough - Allow L2TP traffic
3.8 Setting Access Restrictions
Figure 13:20 Setting the AP Access Restriction
These settings work on to restrict Internet access based on several parameters:1. List of PC (User)2. Day3. Time / Hours4. Service5. Block Website (based on URL or by keyword)
In the "Internet Access Policy" we can make a maximum of 10 policies, and wecan see the "Summary" or summary of the relevant policies.
Kinds of service provided byAP is DNS, Ping,HTTP, HTTPS, FTP, POP3, IMAP,SMTP, NNTP, Telnet, SNMP, TFTP,and IKE. Service was on-setbased on protocol and portused. To change oradd a specific service, candone by click on "Add / EditService "as shown inside.
Suppose we create a policy as follows:• The policy called "common", whereby a user with the IP 192.168.1.2 to192.168.1.254 will be allowed to access the course of an hour Monday06:00 to 10:00 am• Site should not be accessed www.asem.com• Sites with the keyword "porn", "sex", "warez" should not be accessed• Service "Ping" blockedd. Filter IDENT (port 113)Prevent attacks from outside through the Internet port 113. However, someapplication requires this port.VPN (Virtual Private Network)Setting VPN allows the passage of VPN traffic through our AP router.In this setting there are 3 options:c. Filter Internet NAT RedirectionThis feature uses Port Forwarding to prevent access tolocal server from other local computers.b. Multicast FilterEnable this feature if we do not want to receive multicast trafficsometimes delivered by other networks.