Adding an Outbound Firewall

In this scenario, Acme Company is running TCP/IP and IPX on the network. Acme wants to use Novell BorderManager 3.8 as an outbound firewall only, as shown in the following figure. Acme wants to be able to do the following:

• Add an outbound-only firewall to secure the network
• Use a dial-up connection to the Internet Service Provider (ISP)
• Allow only internal users on the intranet to access the Internet
• Prevent Internet users from accessing or viewing the intranet

The following Novell BorderManager 3.8 components are used to implement this scenario, as shown in the following figure:

• Packet filtering
• Network Address Translation (NAT)
• Proxy Services Transparent proxy application
• Access control

Figure 25
Outbound-Only Firewall

To implement Novell BorderManager 3.8 as an outbound-only firewall on the network, Acme Company must perform the following general sequence of steps:

1. Install Novell BorderManager 3.8 and enable packet filtering on public interfaces during the installation.

   For more information and for Novell BorderManager 3.8 installation procedures, refer to Novell BorderManager 3.8 Installation guide.

2. Use the NIASCFG utility to enable and configure NAT for the WAN call to the ISP.
3. Use the Novell BorderManager 3.8 Services page in NetWare Administrator to enable and configure the Transparent proxy application.

   For more information and for configuration procedures, refer to the Advanced Configuration of Proxy Service.

4. Using NetWare Administrator to enable and configure access control rules for the intranet users.

   For more information and for configuration procedures, refer to the access control online documentation.