Adding an Outbound Firewall

In this scenario, Acme Company is running TCP/IP and IPX on the network. Acme wants to use Novell BorderManager 3.7 as an outbound firewall only, as shown in the following figure. Acme wants to be able to do the following:

• Add an outbound-only firewall to secure the network
• Use a dial-up connection to the Internet Service Provider (ISP)
• Allow only internal users on the intranet to access the Internet
• Prevent Internet users from accessing or viewing the intranet

The following Novell BorderManager 3.7 components are used to implement this scenario, as shown in teh following figure:

• Packet filtering
• Network Address Translation (NAT)
• Proxy Services Transparent proxy application
• Access control

Figure 25
Outbound-Only Firewall

To implement Novell BorderManager 3.7 as an outbound-only firewall on the network, Acme Company must perform the following general sequence of steps:

1. Install Novell BorderManager 3.7 and enable packet filtering on public interfaces during the installation.

   For more information and Novell BorderManager 3.7 installation procedures, refer to Novell BorderManager 3.7 Installation Guide .

2. Using the NIASCFG utility, enable and configure NAT for the WAN call to the ISP.
3. Using NetWare Administrator, Novell BorderManager 3.7 Services page, enable and configure the Transparent proxy application.

   For more information and configuration procedures, refer to the Advanced Configuration of Proxy Services.

4. Using NetWare Administrator, enable and configure access control rules for the intranet users.

   For more information and configuration procedures, refer to the access control online documentation.