Click on a link below to go directly to that section.

• Document Purpose
• Product Description
• NuVox Firewall Overview
• FireWall Security Policy
• Using the My FireWall Portal
• Accessing Basic Reports
• Available Basic Reports
• Enhanced Reports
• Additional Assistance

This User Guide is designed to assist customers using the NuVox FireWall service to access and use the various administration, configuration and reporting capabilities of their FireWall using the My FireWall Portal.

Top ^^

FireWall is a customer administered stateful firewall solution that is built upon NuVox’s Cisco Powered Network.

Top ^^

The NuVox Firewall service is designed to assist customers in protecting their network-based resources. Based on technologies from Cisco, the world's leader of networking equipment and top provider of security solutions, the NuVox Firewall can be a key component to any company's overall security strategy. Configured according to the customer's desired Security Policy, the Firewall provides packet filtering features for blocking malicious traffic from entering the customer's network from the Internet. And, at the same time, necessary communication is allowed from inside the network so employee's can continue to get their job done - uninterrupted and securely.

In addition to providing numerous security features, reporting features are available for each Firewall customer through their own individual Web Portal.

The NuVox Firewall basic services include the following features:

• Customized Packet Filtering
  The FireWall implements packet filtering abilities to help protect the customer’s network as defined by the customer’s unique FireWall Security Policy. By default, all traffic that originates from the Internet is prohibited from entering the customer’s internal network. At the same time, all traffic originating from inside the network is allowed out to the Internet (except for any exceptions as noted by the customer’s FireWall Security Policy). By default, the customer’s FireWall Security Policy blocks any traffic associated with Windows NetBIOS traffic from leaving the local network.



• Stateful Packet Inspection
  Providing “stateful” packet inspection capabilities allow for the NuVox FireWall to “keep track” of each network session that starts from within the customer’s internal network, ensuring that not only is the connection allowed out to the Internet, but that also the reply is allowed back in.

  Other stateful packet inspection features include the ability of the FireWall to defend against Denial-of-Service (DoS) attacks such as “SYN floods” where an attacker may attempt to overwhelm a network, or individual system, by sending a tremendous amount of specific packets at one time.

• Network Address Translation
  Using ‘network address translation’ (NAT) can be seen as providing an additional ‘virtual’ layer of protection for customer networks by using the FireWall service to further segregate the internal network from the Internet. With NAT, computers within the client’s network can use ‘private’ IP addresses – these addresses are not directly accessible by the Internet, effectively hiding all of the customers’ internal hosts from Internet-based attackers.

  If a customer does have an internal system such as a mail or web server that needs to be directly accessible from the Internet, specific NAT rules can be written to allow the required traffic, and only the required traffic, to pass through the FireWall.

• Internal Network Services
  Not only can the FireWall help protect a customer’s network, but it can also be used to provide basic network infrastructure services such as DHCP (Dynamic Host Configuration Protocol) to internal computers. In this case, the NuVox FireWall could be configured to act as a DHCP server, offloading DHCP administration responsibilities from the customer. The FireWall operating as a DHCP server could also be leveraged to provide business continuity through its configuration as a second source of DHCP addresses for internal systems.



• Basic & Enhanced Reporting Features
  Basic “built-in” reports are available for each FireWall customer to monitor various aspects of their network activity, such as the top Internet destinations for internal users.



• My FireWall Administration Portal
  To be able to make changes to their own FireWall configuration, customers can make changes through their My FireWall web portal. This collection of dynamic web pages allows for the customer to not only makes changes to their Security Policy, but also allows users to run and view reports for their own FireWall.

Additional enhanced services, such as intrusion detection and web browsing filtering, can be purchased for each FireWall installation based on the customer’s own unique needs.

Top ^^

Each customer’s unique FireWall configuration is stored in their own FireWall Security Policy. Configured based on the individual needs of each customer, the FireWall Security Policy includes specific settings which control the following:

• Port Filtering
  Port filtering is used by each FireWall to block Internet-based traffic from entering the customer’s internal network, while allowing all communication from inside the customer network out to the Internet. The only exception to this rule is that Windows NetBIOS ports are blocked from leaving the internal network for security purposes.



• Address Translations
  If an internal system needs to be accessible from the Internet, a network address translation rule can be created to allow for the required connectivity. For example, if the customer hosts their own mail server on their internal network, a special NAT rule must be written to allow Internet-based traffic to pass through to the mail server on the specific port, or ‘channel’, associated with Email traffic.



• Website Filtering (if purchased)
  If the Website Filtering service has been purchased, customers will be allowed to configure their website filtering options through the web portal. Based on technologies from Websense, the leading provider in web content filtering software, the FireWall has the ability to block a wide-range of website categories which include sites that may contain questionable or illegal material.

  For example, customers may choose to block potentially harmful categories such as ‘Adult Material’ or ‘Hacking’ or want to block websites associated with employee productivity issues such as ‘Games’ or ‘Job Search’.
  Access a complete list of Websense categories at http://www.websense.com/global/en/ProductsServices/MasterDatabase/URLCategories.php

Top ^^

The My FireWall portal allows FireWall customers to access various aspects of their FireWall installation. The customer’s own unique portal can be used to configure various aspects of the FireWall’s features while also providing customers with the ability to view reports on their network activity.

• Accessing the NuVox Customer Portal
  To access your own customized Web Portal for your company, login with your web browser at http://my.NuVox.net.. Numerous account management tools are available through the Customer Portal page, including the ability to sign up for online billing and open trouble tickets for assistance you with all of your NuVox services.



• Accessing FireWall Features through the NuVox Customer Portal
  Once logged in to your company’s web portal, you can access your Firewall’s feature-set by using the “My NuVox Navigator” tool which appears as a drop-down menu in the upper right-hand corner of the screen (Figure 1.0 on next page).

From the My FireWall page, you can currently view Basic Reports associated with your FireWall service and order additional services. Enhanced Reports are also available for customers that have purchased the additional features with enhanced reporting capabilities, such as Intrusion Detection or Website Filtering.

Top ^^

Each NuVox FireWall includes the ability for customers to view a set of reports, known as ‘Basic Reports’, used to view various activity and security aspects of their Internet connectivity. Each report can be generated by 'Last 7 Days', 'Last 30 Days' and 'Last Calendar Month'.

Accessing Basic Reports

1. To access these reports, click on the ‘Basic Reports’ link underneath the ‘My FireWall’ heading.
2. Select the report you wish to view by title.
3. In this example, we will select ‘Total Bandwidth Usage’ under Bandwidth .
4. Choose the time period on which you wish to report on.
5. In this example, we will select ‘Last Calendar Month’.
6. As your report data is generated, a swirling icon will be displayed next to the ‘My FireWall’ heading.

If you’d like to view a graph of the available data, click on the ‘Visual Graph of Report’ link just above the table. Once selected, a graphical representation of your network data will be displayed.

Top ^^

• Total Bandwidth Usage
  This report displays the amount of network traffic, or bandwidth, sorted by the following protocols:
  • Web Traffic (web browsing traffic)
  • Mail Traffic (Email traffic)
  • FTP Traffic (file transfer traffic using FTP)
  • DNS Traffic (name resolution traffic)
  • Telnet Traffic (Telnet traffic for remote management of devices)
  • Other Traffic
  
  
• Top 10 Mail Servers
  This report sorts the top 10 destinations for Email traffic from your network.


• Top 10 Websites
  This report lists the top 10 destinations for web browsing by users on your network.


• Top 10 Users
  This report shows the top 10 users based on the amount of Internet usage (by bandwidth).


• Top 10 Users - Destinations
  This report further shows the top 10 users based on the amount of their Internet usage (by bytes transferred), along with further details on their “most visited” destinations on the Internet.

Top ^^

The My FireWall portal allows FireWall customers to access various aspects of their FireWall installation. The customer’s own unique portal can be used to configure various aspects of the FireWall’s features while also providing customers with the ability to view reports on their network activity.

With each additional add-on product to the Firewall service (such as Website Filtering or Intrusion Detection capabilities), Enhanced Reports are available for customers with these extra features enabled. Following is a list of some of the Enhanced Reports that are available for the NuVox FireWall...

• Top Attacks
  This report lists the Top 10 Attacks attempted against the FireWall that were blocked.
• Top 10 Attacked Hosts
  This report lists the Top 10 hosts on the customer’s network that were attacked from the Internet.
• Top External Attackers
  This report lists the Top 10 hosts detected as launching attacks against the FireWall’s protected network.
• Top Blocked Category Attempts
  This report lists the Top 10 blocked sites that internal users are attempting to access.

Top ^^

For additional help with your NuVox FireWall service, please contact NuVox Customer Care at (800) 600-5050.

Top ^^