• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1100
  • Last Modified:

Does the Draytek 2820 firewall need to be configured to protect home network?

Hi,
Just bought a draytek 2820 ADSL router.

Looking though the menu, it has a new object-type setup for it's firewall.  Looking at the defaults it doesnt seem to actually block much apart from some LAN -> WAN netBIOS traffic.

Does this Router need futher configuration to protect the LAN?

I'm used to having routers where everything is blocked unless you unblock it, this looks quite different...
0
jmsjms
Asked:
jmsjms
  • 3
  • 2
1 Solution
 
asdlkfCommented:
I'd start with a "deny any any" rule and then start inserting permit statements before it...

0
 
plug1Commented:
ITs default is to block all incoming traffic and allow outgoing traffic. Even without the firewall the NAT alone wouldnt let anything by, but you need to add exceptions to the firewall to allow anything external onto your network.

Panic over :)
0
 
jmsjmsAuthor Commented:
Yep I would agree if knew that the router needed to be setup, but what I need is confirmation as to wether this "security" router protects a LAN with it's settings out of the box.

J
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
plug1Commented:
Yes, thats what I said, it wont allow any external traffic into your network without configuring allow rules in the firewall. Ive rolled out 25 of these across the UK in the last month.
0
 
jmsjmsAuthor Commented:
Sorry Plug.  Didnt see your post when I typed in my response above.  Thats my gut feeling and looking at the earlier Drayteks they have the same rules but please bear with me.

What made me worry is that on the 2820, the Firewall general setup page, under "Actions for filter"  has a dropdown list set to "Pass" for filter. (I've not seen this on earlier Drayteks) So it looks like the default is to pass traffic that goes through the rule set.

This would be be true in some other firewalls as they have a blocking rule at the bottom, as asdlkf suggests.
 
Perhaps the way the Draytek works is that the traffic is indeed passed, but passed to the Open Ports section and then only allowed though if it matches settings in the Open ports page?

I've not seen anything confirming this have you?

I appreciate that I'm being a bit thick-headed here but I need to be sure. :-)



0
 
jmsjmsAuthor Commented:
THanks for your help.  I've not got a complete explanation (maybe Draytek should update their manuals!) but I trust it now.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now