
Firewall Protection
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Outbound Rules (Service Blocking)
The VPN firewall allows you to block the use of certain Internet services by computers on
your network. This is called service blocking or port filtering.
Note: See Enable Source MAC Filtering on page 186 for yet another way
to block outbound traffic from selected computers that would
otherwise be allowed by the firewall.
The following table describes the fields that define the rules for outbound traffic and that are
common to most Outbound Service screens (see Figure 74 on
page 143, Figure 80 on
page 150, and Figure 86 on p
age 156).
The steps to configure outbound rules are
described in the following sections:
Configure LAN WAN Rules
Configure DMZ WAN Rules
Configure LAN DMZ Rules
Table 32. Outbound rules overview
Setting Description Outbound Rules
Service The service or application to be covered by this rule. If the service
or application does not display in the list, you need to define it
using the Services screen (see Add Customized Services on
page 172).
All rules
Action The action for outgoing connections covered by this rule:
• BLOCK always
• BLOCK by schedule, otherwise allow
• ALLOW always
• ALLOW by schedule, otherwise block
Note: An
y outbound traffic that is not blocked by rules you create
is allowed by the default rule.
Note: ALLOW rules are useful only if the traffic is already covered
by a BLOCK rule. That is, you wish to allow a subset of traffic that
is currently blocked by another rule.
All rules
Select Schedule The time schedule (that is, Schedule1, Schedule2, or Schedule3)
at is used by this rule.
• This drop-down list is activated only when BLOCK by schedule,
allow or ALLOW by schedule, otherwise block is
selected as the action.
• Use the Schedule screen to configure the time schedules (see
Set a Schedule to Block or Allow Specific Traffic on
page 185).
All rules when BLOCK
by sche
dule, otherwise
allow or ALLOW by
schedule, otherwise
block is selected as the