Manage Firewall Configuration
Comodo Dome's highly configurable packet filtering firewall offers the highest levels of security against inbound and outbound threats.
The firewall lets you create rules to manage the following types of traffic:
- NAT (Network Address Translation) - Route traffic from a public-facing IP to an internal IP and vice-versa. Dome Firewall supports both Source NAT and Destination NAT.
  - DNAT (Destination Network Address Translation) - Routes incoming traffic for a public IP to an internal address. DFW supports DNAT for traffic from external IPs and for inter-zone traffic.
  - SNAT (Source Network Address Translation) - Routes traffic from an internal address to a public IP. Typically used by users inside a network to access the internet or other zones from a private IP.
- Incoming traffic - Traffic from external network zones to hosts in the internal network zone
- Outgoing traffic - Traffic from hosts to the external network zone
- Inter-zone traffic - Traffic between network zones connected to the virtual appliance
- VPN traffic - Traffic generated by VPN users
- System Access - Access to the DFW virtual appliance
- Each kind of traffic requires a specific type of rule in order to allow or block traffic of that type.
- In addition to any rules that you create, the virtual appliance generates a set of 'System Rules' which cannot be disabled or edited.
- System rules are essential to ensure interoperability between firewall services and your network infrastructure.
- Click the 'Firewall' link on the left to open a sub-menu which allows you to create and manage rules.
The following sections provide detailed descriptions on rule construction for each firewall module: