ZyXEL Communications P-660HW-TX Manual De Usuario
P-660HW-Tx v2 Series Support Notes
Stateful Inspection Firewalls restrict access by screening data packets against
defined access rules. They make access control decisions based on IP
address and protocol. They also 'inspect' the session data to assure the
integrity of the connection and to adapt to dynamic protocols. The flexible
nature of Stateful Inspection firewalls generally provides the best speed and
transparency, however, they may lack the granular application level access
control or caching that some proxies support.
defined access rules. They make access control decisions based on IP
address and protocol. They also 'inspect' the session data to assure the
integrity of the connection and to adapt to dynamic protocols. The flexible
nature of Stateful Inspection firewalls generally provides the best speed and
transparency, however, they may lack the granular application level access
control or caching that some proxies support.
4. What kind of firewall is the P-660HW-Tx v2?
1. The P-660HW-Tx v2's firewall inspects packets contents and IP
headers. It is applicable to all protocols, that understands data in the
packet is intended for other layers, from network layer up to the
application layer.
packet is intended for other layers, from network layer up to the
application layer.
2. The P-660HW-Tx v2's firewall performs stateful inspection. It takes into
account the state of connections it handles so that, for example, a
legitimate incoming packet can be matched with the outbound request
for that packet and allowed in. Conversely, an incoming packet
masquerading as a response to a nonexistent outbound request can be
blocked.
legitimate incoming packet can be matched with the outbound request
for that packet and allowed in. Conversely, an incoming packet
masquerading as a response to a nonexistent outbound request can be
blocked.
3. The P-660HW-Tx v2's firewall uses session filtering, i.e., smart rules,
that enhance the filtering process and control the network session
rather than control individual packets in a session.
rather than control individual packets in a session.
4. The P-660HW-Tx v2's firewall is fast. It uses a hashing function to
search the matched session cache instead of going through every
individual rule for a packet.
individual rule for a packet.
5. The P-660HW-Tx v2's firewall provides email service to notify you for
routine reports and when alerts occur.
5. Why do you need a firewall when your router has packet filtering and
NAT built-in?
NAT built-in?
With the spectacular growth of the Internet and online access, companies that
do business on the Internet face greater security threats. Although packet filter
and NAT restrict access to particular computers and networks, however, for
the other companies this security may be insufficient, because packets filters
typically cannot maintain session state. Thus, for greater security, a firewall is
considered.
do business on the Internet face greater security threats. Although packet filter
and NAT restrict access to particular computers and networks, however, for
the other companies this security may be insufficient, because packets filters
typically cannot maintain session state. Thus, for greater security, a firewall is
considered.
6. What is Denials of Service (DoS) attack?
Denial of Service (DoS) attacks are aimed at devices and networks with a
connection to the Internet. Their goal is not to steal information, but to disable
a device or network so users no longer have access to network resources.
connection to the Internet. Their goal is not to steal information, but to disable
a device or network so users no longer have access to network resources.
22
All contents copyright © 2006 ZyXEL Communications Corporation.