Filter
Top Products
SONICWALL SONICOS STANDARD 3.0 ADMINISTRATOR’S GUIDE
179
Network Access Rules Overview
C
HAPTER
31
Chapter 31: Configuring Network Access
Rules
Network Access Rules Overview
Network Access Rules are management tools that allow you to define inbound and outbound access
policy, configure user authentication, and enable remote management of the SonicWALL.
By default, the SonicWALL’s stateful packet inspection allows all communication from the LAN to the
Internet, and blocks all traffic to the LAN from the Internet. The following behaviors are defined by the
“Default” stateful inspection packet rule enabled in the SonicWALL:
• Allow all sessions originating from the LAN, OPT, DMZ, or WLAN to the WAN
• Deny all sessions originating from the WAN to the LAN, OPT, DMZ, or WLAN
Additional Network Access Rules can be defined to extend or override the default rules. For example,
rules can be created that block certain types of traffic such as IRC from the LAN to the WAN, or allow
certain types of traffic, such as Lotus Notes database synchronization, from specific hosts on the
Internet to specific hosts on the LAN, or restrict use of certain protocols such as Telnet to authorized
users on the LAN.
The custom rules evaluate network traffic source IP addresses, destination IP addresses, IP protocol
types, and compare the information to rules created on the SonicWALL. Network Access Rules take
precedence, and can override the SonicWALL stateful packet inspection. For example, a rule that
blocks IRC traffic takes precedence over the SonicWALL default setting allowing this type of traffic.
S
Alert: The ability to define Network Access Rules is a very powerful tool. Using custom rules can
disable firewall protection or block all access to the Internet. Use caution when creating or deleting
Network Access Rules.