ZyXEL Communications P-660HW-TX Manual De Usuario
P-660HW-Tx v2 Series Support Notes
Firewall FAQ
General
1. What is a network firewall?
A firewall is a system or group of systems that enforces an access-control
policy between two networks. It may also be defined as a mechanism used to
protect a trusted network from an untrusted network. The firewall can be
thought of two mechanisms: One to block the traffic, and the other to permit
traffic.
policy between two networks. It may also be defined as a mechanism used to
protect a trusted network from an untrusted network. The firewall can be
thought of two mechanisms: One to block the traffic, and the other to permit
traffic.
2. What makes P-660HW-Tx v2 secure?
The P-660HW-Tx v2 is pre-configured to automatically detect and thwart
Denial of Service (DoS) attacks such as Ping of Death, SYN Flood, LAND
attack, IP Spoofing, etc. It also uses stateful packet inspection to determine if
an inbound connection is allowed through the firewall to the private LAN. The
P-660HW-Tx v2 supports Network Address Translation (NAT), which
translates the private local addresses to one or multiple public addresses. This
adds a level of security since the clients on the private LAN are invisible to the
Internet.
Denial of Service (DoS) attacks such as Ping of Death, SYN Flood, LAND
attack, IP Spoofing, etc. It also uses stateful packet inspection to determine if
an inbound connection is allowed through the firewall to the private LAN. The
P-660HW-Tx v2 supports Network Address Translation (NAT), which
translates the private local addresses to one or multiple public addresses. This
adds a level of security since the clients on the private LAN are invisible to the
Internet.
3. What are the basic types of firewalls?
Conceptually, there are three types of firewalls:
1. Packet Filtering Firewall
2. Application-level Firewall
3. Stateful Inspection Firewall
2. Application-level Firewall
3. Stateful Inspection Firewall
Packet Filtering Firewalls generally make their decisions based on the header
information in individual packets. These headers information include the
source, destination addresses and ports of the packets.
information in individual packets. These headers information include the
source, destination addresses and ports of the packets.
Application-level Firewalls generally are hosts running proxy servers, which
permit no traffic directly between networks, and which perform logging and
auditing of traffic passing through them. A proxy server is an application
gateway or circuit-level gateway that runs on top of general operating system
such as UNIX or Windows NT. It hides valuable data by requiring users to
communicate with secure systems by mean of a proxy. A key drawback of this
device is performance.
permit no traffic directly between networks, and which perform logging and
auditing of traffic passing through them. A proxy server is an application
gateway or circuit-level gateway that runs on top of general operating system
such as UNIX or Windows NT. It hides valuable data by requiring users to
communicate with secure systems by mean of a proxy. A key drawback of this
device is performance.
21
All contents copyright © 2006 ZyXEL Communications Corporation.