1.5 Administrator's Guide

  1. Home
  2. Docs
  3. 1.5 Administrator’s Guide
  4. Commissioning the unit
  5. Network configuration
  6. Firewall Configuration
  7. Firewall Zones

Firewall Zones

The Com.X allows separation of its interfaces into different zones, each of which is authorized to access only portion s of the available network. The access provided to devices in each zone is configured through firewall policies (See section 3.3.2)

<Figure 45 firewall ports and zone allocations>

Configuration for each port can be edited by double-clicking on the desired appropriate and then selecting the desired firewall zone.

<Figure 46 changing firewall zone>

Zone

Access

Com.X

The Com.X zone contains interfaces (physical and virtual) on the Com.X system itself. This includes the ports listed on the interfaces section of the Network page of the Com.X GUI.

LAN

Interfaces placed in the LAN zone have access only to the internal network. The internet and any external destination is only reachable through another device in the DMZ.

DMZ

The De-militarized zone has access both to the internet and a limited partition of the internal network. Interfaces in this zone are typically used to provide services to users on the external network.

Internet

This zone holds any devices on the external internet.