Section 3 - Configuration
A firewall protects your network from the outside world. The D-Link DIR-615 offers a firewall type functionality. The SPI feature helps
prevent cyber attacks. Sometimes you may want a computer exposed to the outside world for certain types of applications. If you choose
to expose a computer, you can enable DMZ. DMZ is short for Demilitarized Zone. This option will expose the chosen computer completely
to the outside world.
Enable SPI:
SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps to prevent cyber attacks by tracking more
state per session. It validates that the traffic passing through the session
conforms to the protocol.
NAT Endpoint
Select one of the following for TCP and UDP ports:
Filtering:
Endpoint Independent - Any incoming traffic sent to an open port will
be forwarded to the application that opened the port. The port will close
if idle for 5 minutes.
Address Restricted - Incoming traffic must match the IP address of
the outgoing connection.
Address + Port Restriction - Incoming traffic must match the IP address
and port of the outgoing connection.
Enable Anti-Spoof
Enable this option to provide protection from certain kinds of "spoofing"
Checking:
attacks.
Enable DMZ Host:
If an application has trouble working from behind the router, you can
expose one computer to the Internet and run the application on that
computer.
Note: Placing a computer in the DMZ may expose that computer to a
variety of security risks. Use of this option is only recommended as a
last resort.
IP Address:
Specify the IP address of the computer on the LAN that you want to
have unrestricted Internet communication. If this computer obtains it's IP
address automatically using DHCP, be sure to make a static reservation
on the System > Network Settings page so that the IP address of the
DMZ machine does not change.
D-Link DIR-615 User Manual
Firewall Settings
44