Authonet Firewall F-10 Installation guide
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 1
AUTHONET FIREWALL
OVERVIEW AND OPERATION
MANUAL
Cyber
-
Security for the Enterprise
Revision 4, February 2019
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 2
AUTHONET FIREWALL OVERVIEW AND OPERATION MANUAL
Contents
PART 1: INTRODUCTION TO THE AUTHONET FIREWALL
Problems with Conventional Firewalls
Dangers from Hackers
Hackers pose two major threats to computer networks
Using The Authonet Firewall
Applications for the Authonet Firewall
PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL
Network Installation of the Authonet firewall
Login as the Administrator
Adding Administrators
The Groups
What is a Device? it has a MAC address and has requested an IP address
What is a Rule? it can be open access to the Internet or access to specific websites
The Overview Tree: graphic representation of the groups and associated devices and
rules
The importance of allowing access only to specific websites, not to the whole Internet
The two default groups, unknown devices and known devices
Simplest firewall configuration
Adding device information
Adding rules to the Known device group
Creating New Device Groups
Creating New Access Rules
Settings: Adding inbound access from the Internet - Port Forwarding
Settings: Adding inbound access from the Internet - DMZ
Settings: Network, LAN port configuration
Settings: Network, WAN port configuration
Settings: Network, 1:1 NAT
Settings: Network, WAN DNS IP
Settings: DNS Management
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 3
Settings: VPN
Settings: Email
Settings: Auto Blocked IP's
Settings: Firewall Settings
Settings: OpenDNS
Settings: Timezone
Dashboard: Overview
Dashboard: IP Leases
Dashboard: Connected Devices
Dashboard: ARP Table
Report Logs: Current Connections
Report Logs: Auth History
Report Logs: DNS History
Report Logs: Admin History
Report Logs: IDS Events
Report Logs: IPS Events
Report Logs: Port Forward Events
Admin controls: Logout
Admin controls: Reboot
Admin controls: Factory Reset
Admin controls: Upgrade Firmware, Backup Settings
Tutorials
Differences between the Authonet F1 and F10 firewalls
Online Support
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 4
AUTHONET FIREWALL OVERVIEW AND OPERATION MANUAL
PART 1: INTRODUCTION TO THE AUTHONET FIREWALL
The Authonet firewall is different to all other firewalls for two reasons:
1. The firewall was designed to be installed by people with very limited IT and network
knowledge.
2. The firewall blocks all inbound and outbound traffic until specifically enabled to ensure
that the network is protected from hackers.
Authonet customers who are familiar with configuring other firewalls may be surprised at the
approach taken by Authonet to develop the firewall user interface. Authonet customers who are
setting up their first firewall will find the intuitive design approach easy to use.
Problems with Conventional Firewalls
Most firewalls have policy of allowing both inbound and outbound access until rules are entered
by the user to control the flow of data. Although this approach follows firewall convention, it can
allow hacker access when miss-configured by an inexperienced user who is not familiar with
setting rules that are available.
Dangers from Hackers
Computer hackers are usually motivated by one of four reasons, to hack into a government or
private computer network:
1. Bragging rights with their peers, usually young people who are learning to hack.
2. Destroy computer information, databases, etc. for one of various motives. The hacker
maybe a disgruntled ex-employee, a person with radical political beliefs, a competitor, a
foreign government conducting a type of underground warfare, or a crime entity that is
being paid to cause havoc.
3. Steal information from computer databases for financial or political gain by selling the
stolen information. The hacker may be a competitor, a foreign government or an
organized crime syndicate.
4. Theft of money by ransom. Ransomware is a class of hacking whereby the hacker gains
access to the database and then encrypts the data. The hacker then sends a request for
ransom to the business or government entity demanding a ransom to be paid in
untraceable Bitcoin in order to provide the key that will unlock the data. In 50% of these
cases the hacker receives the payment but does not unlock the data, usually because the
data was erased and not encrypted. Hackers will also share information about a target
who has paid so that the business or government entity becomes a target for another
hacker. Ransomware is often used with healthcare entities because they pay quickly
when patent data cannot be accessed.
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 5
Hackers pose two major threats to computer networks
The first threat to a computer network is to be hacked directly from the Internet. This is common
for a network that does not have a firewall, where all network devices are connected directly to a
router. Low cost routers have known exploits that permit the hacker to access the network
devices once the router type has been identified.
The second and more common threat is from the installation of a 'trojan' virus on one of the user
computers. The advantage of the trojan is that once installed, the trojan calls the hacker and
gives control of the computer to the hacker. This method can bypass completely a firewall with
inbound blocking. The trojan is usually installed via an email link or attachment that installs the
trojan software on the users computer. Most computer users are aware that they should not click
on email links or open attachments. However a hacker can bombard the employees of a company
with emails that duplicate the type of email that would be sent by a bank or a company such as
Facebook or Ebay to trick the user. Once the hacker has control of a users computer then that
computer can be used to hack into the data servers. The computer user has no idea that a
hacker is also sharing the computer, but may notice that the computer is running more slowly
than usual. Most successful hacks use the trojan virus method.
Using The Authonet Firewall
The Authonet firewall departs from conventional firewall design and permits a secure firewall to
be installed by people who have limited technical knowledge. The Authonet firewall was designed
to be installed by a person who knows how to use a computer and who can install a DSL router.
The Authonet Firewall is installed in the network between the DSL router and all other network
components. This is easily done and entails swapping two Ethernet cables. The connection of the
firewall is shown in the figure below.
1
1/7/17
InternetInternet
DSL/ Cable
router
LAN
port
Laptop
WAN
port
Switch or
VLAN switch
Wireless access points
Multi-OS servers and services
USER SUBNET
Smart phone Tablet Desktops
AUTHONET
Admin
Authonet Firewall
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 6
When the firewall had been installed there is no connection from network computers to the
Internet, and any attempt to access network computers from the Internet is blocked. Blocking
access from the Internet to the network computers will thwart a hacker who attempts to access
the network from the Internet. It is possible to add rules to permit certain types of access from
the Internet to the network computers, however this should be avoided as each access rule is a
potential point of access for a hacker.
At first the inability of network computers to have Internet access is seen as a problem, however
this is of great benefit by blocking the hacker who tries to install a trojan on a users computer. A
rule can be added to give all computers access to the whole Internet, however it is much safer to
permit access only to those websites that the users will need to access for their day to day tasks.
This approach has the benefit that if a trojan is accidentally installed on a users computer then it
cannot call the hacker because the firewall will block the outbound call, as computers can only
communicate with permitted websites. The diagram below illustrates a trojan virus installed on a
users computer, which is blocked by the firewall when trying to contact the hacker.
Most business and government departments will have difficulty with a one-rule-fits-all regarding
the websites that computers are allowed to access. For this reason the Authonet firewall permits
the creation of multiple groups where each group can have access to named websites. Groups
can be created for business departments, like management, production, financial and sales. Each
group can have a different list of websites that the computers (and users) in that group are
permitted to access.
An added bonus of permitting access only to specific website is that access is blocked to websites
that may distract employees, such as social media. This can improve productivity for some
businesses.
Internet
Firewall
User desktopServers and devices
Attempted
attack on
servers by
tojjan
Direct attack to server
blocked by firewall
Firewall
blocks
the
trojans
remote
access
to the
desktop
InternetInternet
Firewall
User desktopServers and devices
Attempted
attack on
servers by
tojjan
Direct attack to server
blocked by firewall
Firewall
blocks
the
trojans
remote
access
to the
desktop
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 7
Applications for the Authonet Firewall
The Authonet firewall has been developed to protect small businesses from attack by hackers.
The majority of large business that have IT departments or use outsourced IT service providers
have firewalls installed, however most small business are unprotected. There are two reasons for
this:
Firewalls are expensive products, and have additional ongoing expenses for support,
firmware upgrades and services such as content filtering.
Firewalls are difficult to install and require expensive specialist skills.
The Authonet firewall was designed to solve the cost issue listed above:
The Authonet F10 firewall costs less than $200, support is free, firmware upgrades are
free and additional services are free.
The Authonet F1 firewall costs less than $100, support is free, firmware upgrades are
free and additional services are free.
The Authonet firewall was designed to solve the difficulty of use issue listed above:
The Authonet firewall has a radically new approach to installation and configuration. A
customer who understands how to use a computer will be able to install the Authonet
firewall, just as small business owners now install computers, computer software and
wireless routers.
This documentation is a guide to installing and using the Authonet firewall. The installation
procedure is intuitive and the method of configuration ensures that the business network is
protected.
Customers who have installed other firewalls will first be surprised that the configuration
procedure for the Authonet firewall is completely different to other firewalls. They will be
surprised a second time when they realize how easy it is to configure and install the Authonet
firewall. Some will ask the question: why don't other manufacturers make installation and
configuration this easy!
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 8
PART 2: INSTALLING AND CONFIGURING THE AUTHONET FIREWALL
The Authonet firewall is a router and will therefore issue IP addresses to computer and devices
that request an IP address (DHCP).
Network Installation of the Authonet firewall
Case 1: All network computers are connected to a switch, and the switch is connected to one of
the DSL/cable router LAN ports. Unplug the Ethernet cable from the router LAN port and plug it
into one of the Authonet firewall LAN ports. Connect an Ethernet cable from the Authonet firewall
WAN port to the router LAN port.
Case 2: Network computers are connected to the four router LAN ports. Move the network
connection from each of the router LAN ports to the corresponding Authonet firewall LAN ports.
Connect an Ethernet cable from the Authonet firewall WAN port to the router LAN port.
Case 3: The Internet connection is a cable modem and a router is used to connect the cable
modem to the network computers. Replace the router with the Authonet firewall. Note that the
Authonet WAN port must be configured for the same static IP address that the router was
configured with.
Please see the Quick Start Guide that is shipped with every Authonet firewall. The quick start
guide can also be downloaded from the Authonet website.
Wireless access Servers and
devices
Wired
computers
SECURE
NETWORK
InternetInternet
DSL/ Cable
router
LAN
port
WAN
port
Switch or
VLAN switch
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 9
Login as the Administrator
Connect the Authonet firewall to the Internet router, and connect a computer to the Authonet
firewall as shown below:
The computer will be configured to request an IP address (DHCP client) and will get an IP
address from the Authonet firewall. The IP address will be in the range 172.16.xx.xx.
Open the computer browser and type in the following domain:
ulogin.net
Wait a few seconds and then the login page will open. The screen is shown below:
Internet
Configuration
computer
Product Configuration
Internet
LAN port
https://ulogin.net/
WAN port
Internet
Configuration
computer
Product Configuration
Internet
LAN port
https://ulogin.net/
WAN port
Default first time login
User: admin
Pass: password
Select language
1.
2.
3.
Open the browser page
at:
https://ulogin.net/
See the login screen
Copyright (c) Fire4 Systems Inc, 2019. All rights reserved 10
The administrator username is admin, and the default password is password. If desired the
firewall can be configured in Spanish by clicking on the flag shown.
When the login process has been completed the dashboard display is shown, see the figure
below:
First change the admin password, click 'admin' at the top of the left side menu. The tab will
open. Enter a new admin password as shown below.
Other manuals for Firewall F-10
1
Table of contents
Other Authonet Firewall manuals
