Default Security Policy

The Safe@Office default security policy includes the following rules:

• Access is blocked from the WAN (Internet) to all internal networks (LAN, DMZ, primary WLAN, VLANs, VAPs, and OfficeMode).
• Access is allowed from the internal networks to the WAN, according to the firewall security level (Low/Medium/High).
• Access is allowed from the LAN network to the other internal networks (DMZ, primary WLAN, VLANs, VAPs, and OfficeMode).
• Access is blocked from the DMZ, primary WLAN, VLAN, VAP, and OfficeMode networks to the other internal networks, (including between different VLANs and VAPs).
• HTTPS access to the Safe@Office Portal (my.firewall, my.hotspot, and my.vpn) is allowed from all internal networks.
• HTTP access to the Safe@Office Portal (my.firewall, my.hotspot, and my.vpn) is allowed from all internal networks except the WLAN and VAPs. You can allow HTTP access from the primary WLAN and VAPs by creating a specific user-defined firewall rule.
• When using the print server function (see Using Network Printers), access from internal networks to connected network printers is allowed.
• Access from the WAN to network printers is blocked.

These rules are independent of the firewall security level.

You can easily override the default security policy, by creating user-defined firewall rules. For further information, see Using Rules.