SonicWALL 4.5 Frozen Dessert Maker User Manual


 
116
Enforced Client Product Guide Using the Firewall Protection Service
Configuring policies for firewall protection
5
Specify a connection type
The connection type defines the environment where client computers are used and determines
which IP addresses and ports the firewall protection service allows to communicate with them.
This option defines what the firewall protection service considers to be suspicious activity. The
default setting is
Untrusted.
Select from three connection environments:
Untrusted
Is connected directly to the Internet.
For example: through a dial-up
connection, a DSL line, or a cable modem;
through any type of connection in a coffee
shop, hotel, or airport.
Blocks communications with all other
computers, including those on the same
subnet.
Trusted
Is connected indirectly to a network that is
separated from the Internet by a hardware
router or firewall.
For example: in a home or office network.
Allows communications with other
computers on the same subnet, but
blocks all other network
communications.
Custom
Should communicate only through
specific ports or with a specific range of
IP addresses, or the computer is a server
providing system services.
You also need to configure additional
options (see
Configure a custom
connection on page 117).
Allows communications only with the
ports and IP addresses you specify, and
blocks all other network
communications.
Note
To specify a connection type:
1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).
2 Click the Desktop Firewall tab, select a Connection Type, then click Save.
Configure a custom connection
Configure a custom connection type to designate:
Ports through which your computer can receive communications. This is required to set up
your computer as a server that provides system services. Your computer will accept
communications through any open port from any computer.
IP addresses from which your computer can receive communications. This allows you to
limit communications to specific IP addresses.
From the Firewall Custom Settings page, you can define exactly which communications the
firewall protection service allows:
Configure system services for a custom connection
Caution
For client computers used in multiple environments, it is important to update the connection
type whenever the working environment changes. For example, mobile users who connect to
both secure (trusted) and unsecure (untrusted) networks must be able to change their setting
accordingly.
Select this... When the computer... Then the firewall service...
This feature does not affect Internet applications running on client computers. To configure
Internet applications, see Set up allowed Internet applications on page 121.