Default Security Policy
The UTM-1 default security policy includes the following rules:
- Access is blocked from the WAN (Internet) to all internal networks (LAN, DMZ, primary WLAN, VLANs, VAPs, and OfficeMode).
- Access is allowed from the internal networks to the WAN, according to the firewall security level (Low/Medium/High).
- Access is allowed from the LAN network to the other internal networks (DMZ, primary WLAN, VLANs, VAPs, and OfficeMode).
- Access is blocked from the DMZ, primary WLAN, VLAN, VAP, and OfficeMode networks to the other internal networks (including between different VLANs and VAPs).
- HTTPS access to the UTM-1 Portal (my.firewall, my.hotspot, and my.vpn) is allowed from all internal networks.
- HTTP access to the UTM-1 Portal (my.firewall, my.hotspot, and my.vpn) is allowed from all internal networks except the WLAN and VAPs. You can allow HTTP access from the primary WLAN and VAPs by creating a specific user-defined firewall rule.
- When using the print server function (see Using Network Printers), access from internal networks to connected network printers is allowed.
- Access from the WAN to network printers is blocked.
These rules are independent of the firewall security level.
You can easily override the default security policy by creating user-defined firewall rules. For further information, see Using Rules.
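The default rules above can serve as a baseline when reviewing traffic: any flow whose observed action differs from the default can only be explained by a user-defined rule. The following Python model is an added example, not Check Point code; the zone labels (such as "VLAN:10", "PORTAL", "PRINTER"), the flow record layout, and the sample flows are assumptions made for illustration.

```python
# Added example: a model of the default rules listed above, not vendor code.
# Zone labels ("VLAN:10", "PORTAL", "PRINTER", ...) are assumptions of this sketch.
INTERNAL = {"LAN", "DMZ", "WLAN", "VLAN", "VAP", "OfficeMode"}

def kind(zone):
    return zone.split(":")[0]          # "VLAN:10" -> "VLAN"

def default_decision(src, dst, service=None):
    """Return (verdict, rule) for one flow under the default policy."""
    s, d = kind(src), kind(dst)
    if d == "PORTAL" and s in INTERNAL:
        if service == "https":
            return "allow", "HTTPS to portal from all internal networks"
        if service == "http":
            if s in {"WLAN", "VAP"}:
                return "block", "HTTP to portal from primary WLAN and VAPs"
            return "allow", "HTTP to portal from internal networks"
    if d == "PRINTER":
        if s == "WAN":
            return "block", "WAN to network printers"
        if s in INTERNAL:
            return "allow", "internal networks to printers (print server in use)"
    if s == "WAN" and d in INTERNAL:
        return "block", "WAN to internal networks"
    if s in INTERNAL and d == "WAN":
        return "level", "outbound: decided by security level (Low/Medium/High)"
    if s in INTERNAL and d in INTERNAL and src != dst:
        if s == "LAN":
            return "allow", "LAN to other internal networks"
        return "block", "non-LAN internal network to other internal networks"
    return "unspecified", "not covered by the listed defaults"

def deviations(flows):
    """Flows whose observed action differs from the default verdict,
    i.e. traffic that only a user-defined rule can explain."""
    found = []
    for src, dst, service, observed in flows:
        verdict, rule = default_decision(src, dst, service)
        if verdict in ("allow", "block") and verdict != observed:
            found.append((src, dst, service, observed, rule))
    return found

SAMPLE_FLOWS = [  # constructed records: (source, destination, service, observed action)
    ("WAN", "DMZ", "https", "allow"),        # differs from default
    ("VLAN:10", "VLAN:20", "smb", "block"),  # matches default
    ("WLAN", "PORTAL", "http", "allow"),     # differs from default
    ("LAN", "DMZ", "ssh", "allow"),          # matches default
    ("DMZ", "WAN", "dns", "allow"),          # depends on security level, not judged
]
```

Outbound flows to the WAN are reported as "level" rather than judged, because this page does not list what each security level permits.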