Wednesday, November 19th, 2025 5:48 AM

Clarification on Firewall Information

Hi,

I am interested in learning what the firewall settings of my xfi gateway mean in plain English. For the three firewall settings we have:

LAN-to-WAN : Allow as per below.

HTTP and HTTPS (TCP port 80, 443)
DNS (TCP/UDP port 53)
NTP (TCP port 119, 123)
email (TCP port 25, 110, 143, 465, 587, 993, 995)
VPN (GRE, UDP 500, 4500, 62515, TCP 1723)
iTunes (TCP port 3689)

WAN-to-LAN : Block all unrelated traffic and enable IDS

LAN-to-WAN : Allow all.

WAN-to-LAN : Block as per below and enable IDS.

IDENT (port 113)
ICMP request
Peer-to-peer apps:
kazaa - (TCP/UDP port 1214)
bittorrent - (TCP port 6881-6999)
gnutella - (TCP/UDP port 6346)
vuze - (TCP port 49152-65534)

LAN-to-WAN : Allow all.

WAN-to-LAN : Block as per below and enable IDS.

IDENT (port 113)

What do LAN-to-WAN and WAN-to-LAN mean in these contexts? These rules sound like WAN-to-LAN (which I perceive as inbound connections) is only blocking the listed ports, which sounds insecure. Shouldn't most consumer routers block all inbound connections by default? If that is what the xfi gateway is doing (which is unclear based on the wording), why highlight specific ports that it's blocking if all are blocked by default? Is there a higher level of blocking or security?

In addition, I was wondering what exactly Xfinity Advanced Security does. Links like https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security are somewhat vague in the details. It sounds like it has some sort of known risky site list and dangerous source list and then is using some sort of heuristic to monitor network traffic for unusual activity. Does it do anything besides that? How does it accomplish these things?


Thank you for your help and clarification.

No Responses!
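As an added example (mine, not from the post and not Xfinity's code), the Python model below takes the three rule sets exactly as the post lists them and evaluates the same handful of packets against each. "LAN-to-WAN" is a connection that a device on your own network opens towards the Internet; "WAN-to-LAN" is one that the Internet side opens towards your network. The model assumes connection tracking (replies to a connection the LAN side opened are let back in), which is an assumption about such gateways rather than something the post states; the profile names profile_1 to profile_3 and the sample packets are mine.

```python
"""Directional, stateful firewall policy model.

Added illustration, not code from the post or from Xfinity. The three
profiles are transcribed from the post in the order it lists them (the
names profile_1..profile_3 are mine); ports are copied as listed there.
Connection tracking, i.e. letting replies to a LAN-opened connection back
in, is an assumption about how such gateways behave, not something the
post states.
"""
from __future__ import annotations
from dataclasses import dataclass

# A rule is (protocol, low port, high port), ports inclusive. For ICMP the
# "port" slot carries the ICMP type (8 = echo request); GRE uses 0.
Rule = tuple[str, int, int]


def rule_matches(rule: Rule, proto: str, port: int) -> bool:
    rproto, lo, hi = rule
    return rproto in ("any", proto) and lo <= port <= hi


def tcp_udp(*ports: int) -> list[Rule]:
    return [(p, n, n) for n in ports for p in ("tcp", "udp")]


@dataclass
class Profile:
    name: str
    lan_to_wan_allow: list[Rule] | None  # None means "allow all" outbound
    wan_to_lan_block: list[Rule] | None  # None means "block all unrelated" inbound


PROFILE_1 = Profile(
    "profile_1",
    lan_to_wan_allow=[("tcp", 80, 80), ("tcp", 443, 443)]             # HTTP/HTTPS
    + tcp_udp(53)                                                      # DNS
    + [("tcp", 119, 119), ("tcp", 123, 123)]                           # "NTP" as the post lists it
    + [("tcp", p, p) for p in (25, 110, 143, 465, 587, 993, 995)]      # email
    + [("gre", 0, 0), ("udp", 500, 500), ("udp", 4500, 4500),
       ("udp", 62515, 62515), ("tcp", 1723, 1723)]                     # VPN
    + [("tcp", 3689, 3689)],                                           # iTunes
    wan_to_lan_block=None,
)
PROFILE_2 = Profile(
    "profile_2",
    lan_to_wan_allow=None,
    wan_to_lan_block=tcp_udp(113)          # IDENT
    + [("icmp", 8, 8)]                     # ICMP echo request
    + tcp_udp(1214)                        # kazaa
    + [("tcp", 6881, 6999)]                # bittorrent
    + tcp_udp(6346)                        # gnutella
    + [("tcp", 49152, 65534)],             # vuze
)
PROFILE_3 = Profile("profile_3", lan_to_wan_allow=None, wan_to_lan_block=tcp_udp(113))


class Firewall:
    def __init__(self, profile: Profile) -> None:
        self.profile = profile
        self.flows: set[tuple[str, int]] = set()  # (proto, remote port) opened from the LAN

    def lan_to_wan(self, proto: str, port: int) -> str:
        """A host inside opens a connection to the Internet."""
        allow = self.profile.lan_to_wan_allow
        if allow is None or any(rule_matches(r, proto, port) for r in allow):
            self.flows.add((proto, port))  # remember it so replies can come back
            return "ACCEPT"
        return "DROP"

    def wan_to_lan(self, proto: str, port: int, reply_to: tuple[str, int] | None = None) -> str:
        """A packet arrives from the Internet. reply_to names the LAN-opened
        flow it belongs to, if any; otherwise it is an unsolicited new flow."""
        if reply_to is not None and reply_to in self.flows:
            return "ACCEPT"  # related/established traffic passes on every profile
        block = self.profile.wan_to_lan_block
        if block is None:
            return "DROP"  # "block all unrelated traffic": default deny
        if any(rule_matches(r, proto, port) for r in block):
            return "DROP"
        # Literal reading of the posted wording: an unsolicited flow that is not
        # on the block list is not stopped by this rule set. (Whether a NAT
        # gateway could deliver it to a LAN host without a port forward is a
        # separate question this model does not answer.)
        return "ACCEPT"


def demo() -> dict[str, list[str]]:
    """Same five packets against each profile; returns the verdicts per profile."""
    results = {}
    for prof in (PROFILE_1, PROFILE_2, PROFILE_3):
        fw = Firewall(prof)
        results[prof.name] = [
            fw.lan_to_wan("tcp", 443),                         # browse an HTTPS site
            fw.wan_to_lan("tcp", 443, reply_to=("tcp", 443)),  # the server's reply
            fw.lan_to_wan("tcp", 6881),                        # outbound BitTorrent
            fw.wan_to_lan("tcp", 6881),                        # unsolicited inbound BitTorrent
            fw.wan_to_lan("tcp", 22),                          # unsolicited inbound SSH
        ]
    return results


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

Running it shows the distinction the post is asking about: on the first profile the unsolicited inbound SSH attempt is dropped even though no rule names port 22, because "block all unrelated traffic" is a default-deny with only replies to LAN-opened connections let through, while under a literal reading of the other two rule sets only the listed ports are dropped. The model takes the post's wording at face value and makes no claim about what the gateway does beyond it.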