Contents

Introduction About Your Check Point ZoneAlarm Router Product Features Optional Security Services Software Requirements Getting to Know Your ZoneAlarm Z100G Router Package Contents Network Requirements Rear Panel Front Panel Z100G Router Status LEDs Contacting Technical Support The ZoneAlarm Firewall What Is a Firewall? Security Requirements Old Firewall Technologies Packet Filters Application-Layer Gateways Check Point Stateful Inspection Technology Packet State and Context Information The Stateful Inspection Advantage - Passive FTP Example What Other Stateful Inspection Firewalls Cannot Do Installing and Setting Up ZoneAlarm Before You Install the ZoneAlarm Router Windows Vista Checking the TCP/IP Installation TCP/IP Settings Windows 2000/XP Checking the TCP/IP Installation Installing TCP/IP Protocol TCP/IP Settings Mac OS Mac OS-X Wall Mounting the ZoneAlarm Router Securing the ZoneAlarm Router against Theft Router Installation Installing the ZoneAlarm Router Cascading Your Router Preparing the Router for a Wireless Connection Connecting the Router to Network Printers Setting Up the ZoneAlarm Router Getting Started Initial Login to the ZoneAlarm Portal Logging on to the ZoneAlarm Portal Accessing the ZoneAlarm Portal Remotely Using HTTPS Using the ZoneAlarm Portal Main Menu Main Frame Status Bar Logging off Configuring the Internet Connection Overview Using the Internet Wizard Using a PPPoE Connection Using a PPTP Connection Using a Cable Modem Connection Using a Static IP Connection Using a DHCP Connection Using Internet Setup Configuring an Ethernet-Based Connection Using a LAN Connection Using a Cable Modem Connection Using a PPPoE Connection Using a PPTP Connection Using a Telstra (BPA) Connection Configuring No Connection Viewing Internet Connection Information Enabling/Disabling the Internet Connection Using Quick Internet Connection/Disconnection Managing Your Network Configuring Network Settings Configuring the LAN Network Changing IP Addresses Enabling/Disabling Hide NAT Configuring a DHCP Server Enabling/Disabling the ZoneAlarm DHCP Server Configuring the DHCP Address Range Configuring DHCP Relay Configuring DHCP Server Options Using Network Objects Adding and Editing Network Objects Viewing and Deleting Network Objects Configuring Network Service Objects Adding and Editing Network Service Objects Viewing and Deleting Network Service Objects Managing Ports Viewing Port Statuses Enabling/Disabling Ports Modifying Link Configurations Resetting Ports to Defaults Resetting All Ports to Defaults Resetting Individual Ports to Defaults Configuring a Wireless Network Overview About the Wireless Hardware in Your ZoneAlarm Wireless Router Wireless Security Protocols Using the Wireless Configuration Wizard Manually Configuring a WLAN Troubleshooting Wireless Connectivity Using Bridges Overview Multiple Bridges and Spanning Tree Protocol Workflow Adding and Editing Bridges Adding Internal Networks to Bridges Deleting Bridges Viewing Reports Viewing the Event Log Using the Traffic Monitor Viewing Traffic Reports Configuring Traffic Monitor Settings Exporting General Traffic Reports Viewing Computers Viewing Connections Viewing Wireless Statistics Setting Your Security Policy The ZoneAlarm Firewall Security Policy What Is a Security Policy? Security Policy Implementation Security Policy Enforcement Default Security Policy Setting the Firewall Security Level Using Firewall Rules Firewall Rule Types Adding and Editing Firewall Rules Enabling/Disabling Firewall Rules Changing Firewall Rules' Priority Viewing and Deleting Firewall Rules Configuring Servers Using Web Rules Adding and Editing Web Rules Changing Web Rules' Priority Viewing and Deleting Web Rules Customizing the Access Denied Page Using SmartDefense Overview Configuring SmartDefense Using the SmartDefense Wizard Using the SmartDefense Tree SmartDefense Categories Denial of Service Teardrop Ping of Death LAND Non-TCP Flooding DDoS Attack IP and ICMP Packet Sanity Max Ping Size IP Fragments Network Quota Welchia Cisco IOS DOS Null Payload Checksum Verification TCP Strict TCP Small PMTU SynDefender Sequence Verifier Flags Port Scan FTP FTP Bounce Block Known Ports Block Port Overflow Blocked FTP Commands HTTP Header Rejection Worm Catcher Peer-to-Peer Microsoft Networks IGMP Instant Messaging Traffic Resetting SmartDefense to its Defaults Using VStream Antivirus Overview Enabling/Disabling VStream Antivirus Viewing VStream Antivirus Signature Database Information Configuring VStream Antivirus Configuring the VStream Antivirus Policy VStream Antivirus Rule Types Adding and Editing VStream Antivirus Rules Enabling/Disabling VStream Antivirus Rules Changing VStream Antivirus Rules' Priority Viewing and Deleting VStream Antivirus Rules Configuring VStream Antivirus Advanced Settings Updating VStream Antivirus Using Subscription Services Connecting to a Service Center Viewing Services Information Refreshing Your Service Center Connection Configuring Your Account Disconnecting from Your Service Center Web Filtering Enabling/Disabling Web Filtering Selecting Categories for Blocking Configuring Web Filtering Advanced Settings Temporarily Disabling Web Filtering Email Filtering Enabling/Disabling Email Filtering Selecting Protocols for Scanning Configuring Email Filtering Advanced Settings Temporarily Disabling Email Filtering Automatic and Manual Updates Checking for Software Updates when Remotely Managed Checking for Software Updates when Locally Managed Secure Remote Access Overview Configuring a Remote Access VPN Configuring the SecuRemote Remote Access VPN Server Installing SecuRemote Installing a Certificate Generating a Self-Signed Certificate Importing a Certificate Uninstalling a Certificate Viewing VPN Tunnels Viewing IKE Traces for VPN Connections Managing Users Changing Your Login Credentials Adding and Editing Users Viewing and Deleting Users Setting Up Remote VPN Access for Users Using Remote Desktop Overview Workflow Configuring Remote Desktop Configuring the Host Computer Accessing a Remote Computer's Desktop Maintenance Viewing Firmware Status Updating the Firmware Upgrading Your License Configuring Syslog Logging Configuring HTTPS Setting the Time on the Router Using Diagnostic Tools Using IP Tools Using Packet Sniffer Filter String Syntax and dst dst port ether proto host not or port src src port tcp udp Backing Up the ZoneAlarm Router Configuration Exporting the ZoneAlarm Router Configuration Importing the ZoneAlarm Router Configuration Resetting the ZoneAlarm Router to Defaults Running Diagnostics Rebooting the ZoneAlarm Router Using Network Printers Overview Setting Up Network Printers Configuring Computers to Use Network Printers Windows Vista Windows 2000/XP MAC OS-X Viewing Network Printers Changing Network Printer Ports Resetting Network Printers Troubleshooting Connectivity Service Center and Upgrades Other Problems Specifications Technical Specifications CE Declaration of Conformity Federal Communications Commission Radio Frequency Interference Statement Glossary of Terms ADSL Modem CA Cable Modem Certificate Authority Cracking DHCP DMZ DNS Domain Name System Exposed Host Firmware Gateway Hacking HTTPS Hub IP Address IP Spoofing IPSEC ISP LAN MAC Address Mbps MTU NAT NetBIOS WLAN Packet PPPoE PPTP RJ-45 Router Server Stateful Inspection Subnet Mask TCP TCP/IP UDP URL VPN VPN tunnel Index