jupiter netscreen 25 port scanning t can protection

i have a netscreen ns 25,
in is screening => screen link
there is many categories like flood defence, MS-Windows Defense, Denial of Service Defense, Protocol Anomaly Reports -- IP Option Anomalies, Protocol Anomaly Reports -- TCP/IP Anomalies, Scan/Spoof/Sweep Defense

to protect from hack, should in setup in untrust zone or trust zone?

there is also select to setup thoese in v1-trust and v1-untrust zone, to protect from port scanning, use which zone?

expert please advice.
john80988Asked:
Who is Participating?
 
QlemoConnect With a Mentor DeveloperCommented:
Those v1* zones cannot be used if your NS is in routing (versus bridging) mode. In bridging mode, the NS works like a switch.
With routing mode, you have a WAN and at least one LAN side. WAN is in the Untrust zone, and that is where the defense should start. So the prior answer is correct - you use Screening in Untrust most of the time.
0
 
Rick_O_ShayCommented:
Screens normally go in the untrust zone. You can see in the counters to see what ones are hitting.
0
All Courses

From novice to tech pro — start learning today.