Authonet Firewall F-10 Installation guide
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 1
AUTHONET FIREWALL
OVERVIEW AND OPERATION
MANUAL
Cyber
-
Security for the Enterprise
Revision 4, February 2019
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 2
AUTHONET FIREWALL OVERVIEW AND OPERATION MANUAL
Contents
PART 1: INTRODUCTION TO THE AUTHONET FIREWALL
Problems with Conventional Firewalls
Dangers from Hackers
Hackers pose two major threats to computer networks
Using The Authonet Firewall
Applications for the Authonet Firewall
PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL
Network Installation of the Authonet firewall
Login as the Administrator
Adding Administrators
The Groups
What is a Device? it has a MAC address and has requested an IP address
What is a Rule? it can be open access to the Internet or access to specific websites
The Overview Tree: graphic representation of the groups and associated devices and
rules
The importance of allowing access only to specific websites, not to the whole Internet
The two default groups, unknown devices and known devices
Simplest firewall configuration
Adding device information
Adding rules to the Known device group
Creating New Device Groups
Creating New Access Rules
Settings: Adding inbound access from the Internet - Port Forwarding
Settings: Adding inbound access from the Internet - DMZ
Settings: Network, LAN port configuration
Settings: Network, WAN port configuration
Settings: Network, 1:1 NAT
Settings: Network, WAN DNS IP
Settings: DNS Management
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 3
Settings: VPN
Settings: Email
Settings: Auto Blocked IP's
Settings: Firewall Settings
Settings: OpenDNS
Settings: Timezone
Dashboard: Overview
Dashboard: IP Leases
Dashboard: Connected Devices
Dashboard: ARP Table
Report Logs: Current Connections
Report Logs: Auth History
Report Logs: DNS History
Report Logs: Admin History
Report Logs: IDS Events
Report Logs: IPS Events
Report Logs: Port Forward Events
Admin controls: Logout
Admin controls: Reboot
Admin controls: Factory Reset
Admin controls: Upgrade Firmware, Backup Settings
Tutorials
Differences between the Authonet F1 and F10 firewalls
Online Support
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 4
AUTHONET FIREWALL OVERVIEW AND OPERATION MANUAL
PART 1: INTRODUCTION TO THE AUTHONET FIREWALL
The Authonet firewall is different to all other firewalls for two reasons:
1. The firewall was designed to be installed by people with very limited IT and network
knowledge.
2. The firewall blocks all inbound and outbound traffic until specifically enabled to ensure
that the network is protected from hackers.
Authonet customers who are familiar with configuring other firewalls may be surprised at the
approach taken by Authonet to develop the firewall user interface. Authonet customers who are
setting up their first firewall will find the intuitive design approach easy to use.
Problems with Conventional Firewalls
Most firewalls have policy of allowing both inbound and outbound access until rules are entered
by the user to control the flow of data. Although this approach follows firewall convention, it can
allow hacker access when miss-configured by an inexperienced user who is not familiar with
setting rules that are available.
Dangers from Hackers
Computer hackers are usually motivated by one of four reasons, to hack into a government or
private computer network:
1. Bragging rights with their peers, usually young people who are learning to hack.
2. Destroy computer information, databases, etc. for one of various motives. The hacker
maybe a disgruntled ex-employee, a person with radical political beliefs, a competitor, a
foreign government conducting a type of underground warfare, or a crime entity that is
being paid to cause havoc.
3. Steal information from computer databases for financial or political gain by selling the
stolen information. The hacker may be a competitor, a foreign government or an
organized crime syndicate.
4. Theft of money by ransom. Ransomware is a class of hacking whereby the hacker gains
access to the database and then encrypts the data. The hacker then sends a request for
ransom to the business or government entity demanding a ransom to be paid in
untraceable Bitcoin in order to provide the key that will unlock the data. In 50% of these
cases the hacker receives the payment but does not unlock the data, usually because the
data was erased and not encrypted. Hackers will also share information about a target
who has paid so that the business or government entity becomes a target for another
hacker. Ransomware is often used with healthcare entities because they pay quickly
when patent data cannot be accessed.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 5
Hackers pose two major threats to computer networks
The first threat to a computer network is to be hacked directly from the Internet. This is common
for a network that does not have a firewall, where all network devices are connected directly to a
router. Low cost routers have known exploits that permit the hacker to access the network
devices once the router type has been identified.
The second and more common threat is from the installation of a 'trojan' virus on one of the user
computers. The advantage of the trojan is that once installed, the trojan calls the hacker and
gives control of the computer to the hacker. This method can bypass completely a firewall with
inbound blocking. The trojan is usually installed via an email link or attachment that installs the
trojan software on the users computer. Most computer users are aware that they should not click
on email links or open attachments. However a hacker can bombard the employees of a company
with emails that duplicate the type of email that would be sent by a bank or a company such as
Facebook or Ebay to trick the user. Once the hacker has control of a users computer then that
computer can be used to hack into the data servers. The computer user has no idea that a
hacker is also sharing the computer, but may notice that the computer is running more slowly
than usual. Most successful hacks use the trojan virus method.
Using The Authonet Firewall
The Authonet firewall departs from conventional firewall design and permits a secure firewall to
be installed by people who have limited technical knowledge. The Authonet firewall was designed
to be installed by a person who knows how to use a computer and who can install a DSL router.
The Authonet Firewall is installed in the network between the DSL router and all other network
components. This is easily done and entails swapping two Ethernet cables. The connection of the
firewall is shown in the figure below.
1
1/7/17
InternetInternet
DSL/ Cable
router
LAN
port
Laptop
WAN
port
Switch or
VLAN switch
Wireless access points
Multi-OS servers and services
USER SUBNET
Smart phone Tablet Desktops
AUTHONET
Admin
Authonet Firewall
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 6
When the firewall had been installed there is no connection from network computers to the
Internet, and any attempt to access network computers from the Internet is blocked. Blocking
access from the Internet to the network computers will thwart a hacker who attempts to access
the network from the Internet. It is possible to add rules to permit certain types of access from
the Internet to the network computers, however this should be avoided as each access rule is a
potential point of access for a hacker.
At first the inability of network computers to have Internet access is seen as a problem, however
this is of great benefit by blocking the hacker who tries to install a trojan on a users computer. A
rule can be added to give all computers access to the whole Internet, however it is much safer to
permit access only to those websites that the users will need to access for their day to day tasks.
This approach has the benefit that if a trojan is accidentally installed on a users computer then it
cannot call the hacker because the firewall will block the outbound call, as computers can only
communicate with permitted websites. The diagram below illustrates a trojan virus installed on a
users computer, which is blocked by the firewall when trying to contact the hacker.
Most business and government departments will have difficulty with a one-rule-fits-all regarding
the websites that computers are allowed to access. For this reason the Authonet firewall permits
the creation of multiple groups where each group can have access to named websites. Groups
can be created for business departments, like management, production, financial and sales. Each
group can have a different list of websites that the computers (and users) in that group are
permitted to access.
An added bonus of permitting access only to specific website is that access is blocked to websites
that may distract employees, such as social media. This can improve productivity for some
businesses.
Internet
Firewall
User desktopServers and devices
Attempted
attack on
servers by
tojjan
Direct attack to server
blocked by firewall
Firewall
blocks
the
trojans
remote
access
to the
desktop
InternetInternet
Firewall
User desktopServers and devices
Attempted
attack on
servers by
tojjan
Direct attack to server
blocked by firewall
Firewall
blocks
the
trojans
remote
access
to the
desktop
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 7
Applications for the Authonet Firewall
The Authonet firewall has been developed to protect small businesses from attack by hackers.
The majority of large business that have IT departments or use outsourced IT service providers
have firewalls installed, however most small business are unprotected. There are two reasons for
this:
Firewalls are expensive products, and have additional ongoing expenses for support,
firmware upgrades and services such as content filtering.
Firewalls are difficult to install and require expensive specialist skills.
The Authonet firewall was designed to solve the cost issue listed above:
The Authonet F10 firewall costs less than $200, support is free, firmware upgrades are
free and additional services are free.
The Authonet F1 firewall costs less than $100, support is free, firmware upgrades are
free and additional services are free.
The Authonet firewall was designed to solve the difficulty of use issue listed above:
The Authonet firewall has a radically new approach to installation and configuration. A
customer who understands how to use a computer will be able to install the Authonet
firewall, just as small business owners now install computers, computer software and
wireless routers.
This documentation is a guide to installing and using the Authonet firewall. The installation
procedure is intuitive and the method of configuration ensures that the business network is
protected.
Customers who have installed other firewalls will first be surprised that the configuration
procedure for the Authonet firewall is completely different to other firewalls. They will be
surprised a second time when they realize how easy it is to configure and install the Authonet
firewall. Some will ask the question: why don't other manufacturers make installation and
configuration this easy!
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 8
PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL
The Authonet firewall is a router and will therefore issue IP addresses to computer and devices
that request an IP address (DHCP).
Network Installation of the Authonet firewall
Case 1: All network computers are connected to a switch, and the switch is connected to one of
the DSL/cable router LAN ports. Unplug the Ethernet cable from the router LAN port and plug it
into one of the Authonet firewall LAN ports. Connect an Ethernet cable from the Authonet firewall
WAN port to the router LAN port.
Case 2: Network computers are connected to the four router LAN ports. Move the network
connection from each of the router LAN ports to the corresponding Authonet firewall LAN ports.
Connect an Ethernet cable from the Authonet firewall WAN port to the router LAN port.
Case 3: The Internet connection is a cable modem and a router is used to connect the cable
modem to the network computers. Replace the router with the Authonet firewall. Note that the
Authonet WAN port must be configured for the same static IP address that the router was
configured with.
Please see the Quick Start Guide that is shipped with every Authonet firewall. The quick start
guide can also be downloaded from the Authonet website.
Wireless access Servers and
devices
Wired
computers
SECURE
NETWORK
InternetInternet
DSL/ Cable
router
LAN
port
WAN
port
Switch or
VLAN switch
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 9
Login as the Administrator
Connect the Authonet firewall to the Internet router, and connect a computer to the Authonet
firewall as shown below:
The computer will be configured to request an IP address (DHCP client) and will get an IP
address from the Authonet firewall. The IP address will be in the range 172.16.xx.xx.
Open the computer browser and type in the following domain:
ulogin.net
Wait a few seconds and then the login page will open. The screen is shown below:
Internet
Configuration
computer
Product Configuration
Internet
LAN port
https://ulogin.net/
WAN port
Internet
Configuration
computer
Product Configuration
Internet
LAN port
https://ulogin.net/
WAN port
Default first time login
User: admin
Pass: password
Select language
1.
2.
3.
Open the browser page
at:
https://ulogin.net/
See the login screen
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 10
The administrator username is admin, and the default password is password. If desired the
firewall can be configured in Spanish by clicking on the flag shown.
When the login process has been completed the dashboard display is shown, see the figure
below:
First change the admin password, click 'admin' at the top of the left side menu. The tab will
open. Enter a new admin password as shown below.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 11
Adding Administrators
Several administrators can manage the Authonet firewall if required. This is a useful feature for
any business that out-sources IT work to a managed service provider. The provider can connect
remotely and make any changes that the business requires. Go to the Settings Page, Admin
Users.
The admin users page has two additional buttons. The change password parameters button
permits the password default parameters to be changed. The default settings are:
Reset frequency = 0 (a value > 0 forces the password to be reset periodically)
Minimum password length = 9 characters
Minimum password lowercase letters = 2
Minimum password uppercase letters = 2
Minimum password symbols = 1
Minimum password numbers = 1
Inactive admin logout time = 30 minutes
Change any setting then click the save changes button at the bottom of the page.
The download settings button permits the settings file to be downloaded to the admin computer.
Click on the box to add a new user. The following screen is used to enter the new administrator
information. When the new administrator information has been entered click the save changes
button.
Change the
password
minimum
parameters
Click to
download
settings
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 12
The Groups
When a firewall is installed in a business network the configuration process takes time because
users each have different configurations, with specific requirements for accessing the Internet.
The Authonet firewall simplifies the configuration process with the concept of groups, where
users (devices) and rules are assigned to each group. Many groups can be created.
Device Group 2
Device DDevice C
Access
rules
Device Group 2
Device DDevice C
Access
rules
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Manager Accounting Production Reception
Example
employee
roles
InternetInternet
Devices Device group
rules
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 13
When the Authonet firewall is installed in a network, all data communications from the Internet
to the network computers (WAN to LAN) and all communications from the network computers to
the Internet (LAN to WAN) is blocked.
It is desirable that communications from WAN to LAN is always blocked to prevent hackers
getting access to the network computers. It is possible to open access (see Port Forwarding in a
later section) however any point of access is a weakness that a hacker can exploit.
Computers in the network will need to access the Internet, however the access provided should
be limited to prevent a hacker communicating with a trojan that has been installed on a network
computer (see Part 1).
Internet access permissions are given to a network computer by first assigning it to a group, then
assigning one or more access rules to the group.
As stated previously, it is far safer to assign domain (website) access only for those websites that
are required to be accessed by the network computer. Allowing access to all Internet websites
will permit a trojan virus to communicate with the hacker if accidentally installed on the network
computer.
When the Authonet firewall is installed it has two default groups, the unknown devices and the
known devices. The devices (computers and peripherals) connected to the network as listed as
unknown devices. Each device can be given a name (e.g. the name of the users) and then it
moves to the known devices group.
Subsequently, new groups can be created, and both unknown and known devices can be moved
to the new group. Groups are usually created to represent the departments of a business (e.g.
management, sales, accounting, etc) as it is usual that all computers within a department will
have identical Internet access rules.
What is a device? it has a MAC address and has requested an IP
address
A device is a computer or peripheral (e.g. printer) that has a MAC address. A computer device
will represent one or more network users. Devices will usually request an IP address from the
Authonet firewall. Some devices may require a static IP address and this should be allocated
within the LAN subnet range, but outside the LAN DHCP range (e.g. 172.16.0.2 to 172.16.0.254).
When the device is first connected to the network it is listed as an unknown device. The device
should be given a name, preferably the name of the user, so that it can be recognized when
looking at log information on the Authonet admin pages. When the device has been given a
name it is moved to the known devices group.
InternetInternet
Device
LAN
Internet
WAN
LAN > WAN access for a device is
determined by the firewall rules that are
assigned to the group to which the device
belongs
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 14
The device can now be moved to a group that has been
created for the device. It is usual that groups follow
department assignments within a business.
Within a small business it may be sufficient to have all devices
assigned to the known group and apply one set of access rules
to the known group. Larger businesses may have different
Internet access requirements for each group of employees,
and so groups should be created based on the Internet access
requirements of each group of employees.
What is a rule? it can be open access to the Internet or access to
specific websites
The Authonet firewall has three default Access Rules:
Blocked: Blocks access to a set of IPs and DNS
entries under ANY circumstance. This overrides all
other Access Rules.
Allowed: Allows access to a set of IPs and DNS
entries for all users of the network.
Public: This special Access Rule allows a Device
Group to access the Public Internet; however any IP
or DNS entries contained within Blocked Access Rules
will prevent access.
The default access rules can be added to one or to many groups.
New rules can be created and added to one or more groups.
The Overview Tree: graphic representation of the groups, and
associated devices and rules
The Management,
Overview Tree
illustrates the
groups and the
devices and rules
associated with
each group.
A device can be
associated with
only one group,
whereas a rule
can be associated
with many
groups.
Click on the boxes
for the groups,
devices and rules
to edit the
information.
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Device Group 1
Device BDevice A
Access
rules
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 15
The importance of allowing access only to specific websites, not to the
whole Internet
The Public rule will add access to the whole Internet for any group to which it is assigned. The
Blocked rule can be added to the group to prevent access to specific domains (websites) on the
Internet.
The Public rule presents a potential hazard for network users as stated previously. When a user
accidentally clicks on a link in a malicious email and installs a trojan virus, the virus will attempt
to call the hacker to give the hacker access to the computer and use it as a tool to hack the
network servers.
Wherever possible, a group should have the Allowed rule assigned, or a rule created for access
to specific websites that are required by the user. This action will prevent a trojan virus
communicating with the hacker after accidental installation.
The two default groups, unknown devices and known devices
Click on the Management tab, device groups, to see the list of device groups. Initially only two
default groups will appear, Unknown devices and Known devices. This is shown on the following
figure.
A new group has already been added to the configuration above (
testgroup
) by clicking on the
box + Add a new group.
Click to add a new
device group
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 16
Simplest firewall configuration
The simplest firewall configuration is made by adding rules to the Unknown device group for a
one-rule-fits-all configuration.
When the Authonet firewall is first installed, all devices are part the Unknown device group.
Devices are not listed in the Unknown device group, however they can be seen by clicking on the
connected devices list, and are listed under unknown devices.
However, if different rules must be applied to different devices, then first name the devices so
that they move to the known device group. Next create groups corresponding to each of the
different device group rules. Finally move the devices from the Known device group to the group
that has been created for the device and has the corresponding access rules.
Adding device information
Unknown Device information is listed in the connected devices list, under the heading unknown
devices. In order to add a device to a group it should first become a known device to make
identification easy. Click on the device in the Unknown device list shown below in order to enter a
name for the device, and transfer the device to Known Devices.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 17
Each device can be identified by the device MAC address which will be printed on a label on the
device. Alternatively, look at the IP address on the device in order to identify the device in the
Unknown Device list
Click on the unknown device entry then the device entry screen will open as shown in the figure
below.
A device ID number will be issued by the Authonet firewall. Enter the device name and the
device description then save changes.
It is usual that the device name is the name of the user of that device (e.g. Johns computer).
The device description can be the type of the device (e.g., PC, MAC) and the location of the
device (e.g. Johns office). However these names can be of the installers choosing, the purpose is
to easily identify and locate any device that is listed by the Authonet firewall.
Upon saving the changes the device is added to the known device list. This is shown in the next
figure.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 18
Adding rules to the Known device group
When all unknown devices have been documented and moved to the known device list, they are
listed in the Known device group. This is shown in the figure below.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 19
Rules can now be added to the known device group. There is one rule which is ready to use, this
is the Internet access rule. This is shown in the figure below.
Even though the Public Internet Access rule gives full Internet access, access to specific websites
can be blocked by creating a blocked IP rule. The Blocked IP rule overrides the access rule.
However as stated previously it is never desirable to give a user full Internet access because if
that user clicks on an email link which installs a trojan virus, then there is nothing to stop the
trojan calling the hacker, and giving the hacker full access to the users computer.
The preferred method is to create an Allowed IP rule which give access only to those websites
that the user needs to access. If or when the user accidentally installs a trojan virus then any
attempt by the trojan to call the hacker will be blocked.
See the later section on creating new access rules.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 20
Creating New Device Groups
When installing the Authonet firewall it is usually not possible to configure a one-rule-fits-all
scenario as different groups of employees in the company will have different requirements in
terms of what they need to access via the Internet. It is likely that a business manager will want
to block access to social media website for those employees who have no necessity for this
access. This will prevent employees updating social media information during work time.
However marketing and sales staff will need access to social media websites. Device group
creation usually follows the departmental organization inside a business. For example device
groups could be as follows:
Management (full Internet access, however these users must take care not to click on
email links or attachments)
Sales and marketing (access to many websites, including social media)
Financial (access to specific websites)
Production (access to specific websites)
Purchasing and inventory (access to specific websites)
Shipping (access to specific websites)
The computers used by employees in each department are assigned to the corresponding
groups.
Any number of websites can be added to the Allowed IP rule. It is much better to keep adding
websites to the rule than to risk a trojan attack with possible data theft, ransomware or data
vandalism.
When the + Add a new group box is clicked, the display shown below appears:
Other manuals for Firewall F-10
1
Table of contents
Other Authonet Firewall manuals
