Dell PowerConnect W-Series Instant Access Point 6.1.3.1-3.0.0.0 | User Guide Policy Enforcement Firewall | 195Session Firewall Based BlacklistingIn session firewall based blacklisting, an ACL rule is used to enable the option for automation blacklisting. whenthe ACL rule is hit, it would send out blacklist information and the client would be blacklisted.To set the blacklist duration, perform the following steps:1. Select the PEF link and then select Blacklisting tab. Auth failure blacklist time— Enter the duration since the blacklisting has been triggered when theauthentication failure threshold is exceeded. PEF rule blacklisted time— Enter the duration since the blacklisting has been triggered when a blacklistingrule has been triggered.Figure 158 Dynamic BlacklistingPEF SettingsFirewall ALG ConfigurationInstant firewall now supports the ALG (Application Layer Gateway) functions such as SIP, Vocera, Alcatel NOE,and Cisco Skinny protocols.To enable or disable the protocols for ALG in Dell Instant perform the following steps:1. Select PEF from the top right of the Instant UI.2. Select PEF Settings tab.3. Select Enabled from the corresponding drop-down list to enable SIP, VOCERA, Alcatel NOE, and Ciscoskinny protocols.Figure 159 Enabling ALG ProtocolsNOTE: In the Networks tab, click the New link and go to Basic Info > VLAN > Security > Access page to enable Auth failureblacklist Blacklisting. Set a value between 1 to 10 in the max authentication failures of the SSID. To enable session firewall basedblacklisting first enable the Blacklisting option of the corresponding ACL rule.