I recently bought a DrayTek Vigor 2925 router after learning that the router offered by my ISP had major security issues.
I've been looking through the admin panel of the 2925, and found that it seems to handle security somewhat differently than a consumer device.
In my old router (and in the four or five I've had in the past) there was an option under the firewall settings to select "High Security" "Normal Security" "Low Security". I've always "HIgh Security".
On the Draytek, there are the following three settings that can be activated by checkbox.
- Always pass inbound fragmented large packets (required for certain games and streaming)
- Enable Strict Security Firewall
- Block connections initiated from WAN
I plan to uncheck "Always pass inbound fragmented large packets", and to check both "Enable Strict Security Firewall" and "Block connections initiated from WAN"
In addition to these settings, there is also what looks like a complicated filter setup that is beyond my technical knowhow.
My question is:
Is it enough to "Enable Strict Security Firewall" and "Block connections initiated from WAN"
...or am I leaving a gaping hole in the firewall?
I assume that the Draytek has some sort of packet inspection/firewall rules that are enabled by default without having to set up a bunch of rules manually. Am I correct in this assumption?
I realize the following question can't be answered specifically, but nonetheless here goes: On a typical consumer router, one has the option to select "Typical Security" "High Security" etc. Could anyone speculate on what the difference between such settings might be, and how I might be able to achieve something like "High Security" on the Draytek 2925? Are there any filters that you would recommend setting up on the DrayTek?
The last thing I want to do is to realize at some point in the future that the security level with the DrayTek is actually lower (due to my lack of technical expertise) than with the router from the ISP.
I've been looking through the admin panel of the 2925, and found that it seems to handle security somewhat differently than a consumer device.
In my old router (and in the four or five I've had in the past) there was an option under the firewall settings to select "High Security" "Normal Security" "Low Security". I've always "HIgh Security".
On the Draytek, there are the following three settings that can be activated by checkbox.
- Always pass inbound fragmented large packets (required for certain games and streaming)
- Enable Strict Security Firewall
- Block connections initiated from WAN
I plan to uncheck "Always pass inbound fragmented large packets", and to check both "Enable Strict Security Firewall" and "Block connections initiated from WAN"
In addition to these settings, there is also what looks like a complicated filter setup that is beyond my technical knowhow.
My question is:
Is it enough to "Enable Strict Security Firewall" and "Block connections initiated from WAN"
...or am I leaving a gaping hole in the firewall?
I assume that the Draytek has some sort of packet inspection/firewall rules that are enabled by default without having to set up a bunch of rules manually. Am I correct in this assumption?
I realize the following question can't be answered specifically, but nonetheless here goes: On a typical consumer router, one has the option to select "Typical Security" "High Security" etc. Could anyone speculate on what the difference between such settings might be, and how I might be able to achieve something like "High Security" on the Draytek 2925? Are there any filters that you would recommend setting up on the DrayTek?
The last thing I want to do is to realize at some point in the future that the security level with the DrayTek is actually lower (due to my lack of technical expertise) than with the router from the ISP.
