Manualsbrain.com
  1. Manuales
  2. Marcas
  3. ZyXEL Communications
  4. 2602HWNLI-D7A
  5. Manual De Usuario

ZyXEL Communications 2602HWNLI-D7A Manual De Usuario

Descargar
Página de 246
 
Prestige 2602HWNLI-D7A Support Notes 
 
 
 
All contents copyright (c) 2007 ZyXEL Communications Corporation.   
198 
Packet Filtering Firewalls generally make their decisions based on the header information in individual 
packets. These header information include the source, destination addresses and ports of the packets.   
Application-level Firewalls generally are hosts running proxy servers, which permit no traffic directly 
between networks, and which perform logging and auditing of traffic passing through them. A proxy 
server is an application gateway or circuit-level gateway that runs on top of general operating system such 
as UNIX or Windows NT. It hides valuable data by requiring users to communicate with secure systems 
by mean of a proxy. A key drawback of this device is performance.   
Stateful Inspection Firewalls restrict access by screening data packets against defined access rules. They 
make access control decisions based on IP address and protocol. They also 'inspect' the session data to 
assure the integrity of the connection and to adapt to dynamic protocols. The flexible nature of Stateful 
Inspection firewalls generally provides the best speed and transparency, however, they may lack the 
granular application level access control or caching that some proxies support.   
What kind of firewall is the Prestige?   
1.  The Prestige's firewall inspects packets contents and IP headers. It is applicable to all protocols, 
that understands data in the packet is intended for other layers, from network layer up to the 
application layer.   
2.  The Prestige's firewall performs stateful inspection. It takes into account the state of connections it 
handles so that, for example, a legitimate incoming packet can be matched with the outbound 
request for that packet and allowed in. Conversely, an incoming packet masquerading as a 
response to a nonexistent outbound request can be blocked.   
3.  The Prestige's firewall uses session filtering, i.e., smart rules, that enhance the filtering process 
and control the network session rather than control individual packets in a session.   
4.  The Prestige's firewall is fast. It uses a hashing function to search the matched session cache 
instead of going through every individual rule for a packet.   
5.  The Prestige's firewall provides email service to notify you for routine reports and when alerts 
occur.   
Why do you need a firewall when your router has packet filtering and NAT built-in?   
With the spectacular growth of the Internet and online access, companies that do business on the Internet 
face greater security threats. Although packet filter and NAT restrict access to particular computers and 
networks, however, for the other companies this security may be insufficient, because packets filters 
typically cannot maintain session state. Thus, for greater security, a firewall is considered.