Netopia 2200 Manual Do Utilizador
140
Link:
Stateful Inspection
All computer operating systems are vulnerable to attack from outside sources, typically at
the operating system or Internet Protocol (IP) layers. Stateful Inspection firewalls intercept
and analyze incoming data packets to determine whether they should be admitted to your
private LAN, based on multiple criteria, or blocked. Stateful inspection improves security by
tracking data packets over a period of time, examining incoming and outgoing packets. Out-
going packets that request specific types of incoming packets are tracked; only those
incoming packets constituting a proper response are allowed through the firewall.
the operating system or Internet Protocol (IP) layers. Stateful Inspection firewalls intercept
and analyze incoming data packets to determine whether they should be admitted to your
private LAN, based on multiple criteria, or blocked. Stateful inspection improves security by
tracking data packets over a period of time, examining incoming and outgoing packets. Out-
going packets that request specific types of incoming packets are tracked; only those
incoming packets constituting a proper response are allowed through the firewall.
Stateful inspection is a security feature that prevents unsolicited inbound access when
NAT is disabled. You can configure UDP and TCP “no-activity” periods that will also apply to
NAT time-outs if stateful inspection is enabled on the inter face. Stateful Inspection param-
eters are active on a WAN inter face only if enabled on your Gateway. Stateful inspection
can be enabled on a WAN inter face whether NAT is enabled or not.
NAT is disabled. You can configure UDP and TCP “no-activity” periods that will also apply to
NAT time-outs if stateful inspection is enabled on the inter face. Stateful Inspection param-
eters are active on a WAN inter face only if enabled on your Gateway. Stateful inspection
can be enabled on a WAN inter face whether NAT is enabled or not.
Stateful Inspection Firewall installation procedure
☛
NOTE:
Installing Stateful Inspection Firewall is mandator y to comply with Required
Ser vices Security Policy - Residential Categor y module - Version 4.0 (specified
by ICSA Labs)
For more information please go to the following URL:
Ser vices Security Policy - Residential Categor y module - Version 4.0 (specified
by ICSA Labs)
For more information please go to the following URL:
http://www.icsalabs.com/html/communities/firewalls/certification/
criteria/Residential.pdf
criteria/Residential.pdf
.
1.
Access the router through the web interface from the private LAN.
DHCP ser ver is enabled on the LAN by default.
2.
The Gateway’s Stateful Inspection feature must be enabled in order to
prevent TCP, UDP and ICMP packets destined for the router or the private
hosts.
prevent TCP, UDP and ICMP packets destined for the router or the private
hosts.
This can be done by navigating to
Expert Mode -> Security -> Stateful Inspection.