I have the above modem\router\firewall and I am very impressed with it.

However, setting up the firewall has been not as straight forward as I would like.

I have enabled DoS etc protection and I am aware that the firewall has SPI functionality for further protection.

All my devices sit behind a private network on a 192.168.x.0 network with one IP being provided by an ADSL line from my ISP.

I do not have any internet facing server/hosts etc, currently I have several clients running various OS's windows/Mac/Linux just accessing the internet. Some are using wireless and two are using ethernet.

My question is should I further protect my hosts by setting up more firewall rules?

If so can anyone tell me the most common rules to setup?

Finally the best way to do this on my Draytek?

Many thanks in advance.

Hi Take a look here
http://www.draytek.com/user/SupportAppnotesDetail.php?ID=14

I am running my 2820Vn in a similar way to that page, but I have the default rule set to block all, then set up rules to allow web http 80, web https 443, ftp 21, dns 53, ect ect
you should create you ip objects first, then you can link your rules to certain computers on you lan. I think many people run with default rule allow all, but I prefer default = block all, then allow what you want. There is a lot of stuff on this forum that will help you out, just read through and learn
Regards
Steveo