Справочник Пользователя для ASUS RX3141
Chapter 2. Getting to Know
RX3141 User’s Manual
4
2.3.2 Firewall
Features
The firewall as implemented in RX3141 provides the following features to protect your network from being
attacked and to prevent your network from being used as the springboard for attacks.
attacked and to prevent your network from being used as the springboard for attacks.
f Stateful Packet Inspection
f Packet
f Packet
Filtering
(ACL)
f Defense against Denial of Service Attacks
f Log
f Log
2.3.2.1 Stateful
Packet
Inspection
The RX3141 Firewall uses “stateful packet inspection” that extracts state-related information required for the
security decision from the packet and maintains this information for evaluating subsequent connection
attempts. It has awareness of application and creates dynamic sessions that allow dynamic connections so
that no ports need to be opened other than the required ones. This provides a solution which is highly secure
and that offers scalability and extensibility.
security decision from the packet and maintains this information for evaluating subsequent connection
attempts. It has awareness of application and creates dynamic sessions that allow dynamic connections so
that no ports need to be opened other than the required ones. This provides a solution which is highly secure
and that offers scalability and extensibility.
2.3.2.2
Packet Filtering – ACL (Access Control List)
ACL rule is one of the basic building blocks for network security. Firewall monitors each individual packet,
decodes the header information of inbound and outbound traffic and then either blocks the packet from
passing or allows it to pass based on the contents of the source address, destination address, source port,
destination port, and protocol defined in the ACL rules.
decodes the header information of inbound and outbound traffic and then either blocks the packet from
passing or allows it to pass based on the contents of the source address, destination address, source port,
destination port, and protocol defined in the ACL rules.
ACL is a very appropriate measure for providing isolation of one subnet from another. It can be used as the
first line of defense in the network to block inbound packets of specific types from ever reaching the protected
network.
first line of defense in the network to block inbound packets of specific types from ever reaching the protected
network.
The RX3141 Firewall’s ACL methodology supports:
f Filtering based on destination and source IP address, port number and protocol
f Use of the wild card for composing filter rules
f Filter Rule priorities
f Use of the wild card for composing filter rules
f Filter Rule priorities
2.3.2.3
Defense against DoS Attacks
The RX3141 Firewall has an Attack Defense Engine that protects internal networks from known types of
Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding,
IP smurfing, LAND, Ping of Death and all re-assembly attacks. For example, the RX3141 Firewall provides
protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems in the
Internet. The RX3141 Firewall also provides protection from a variety of common Internet attacks such as IP
Spoofing, Ping of Death, Land Attack, and Reassembly attacks.
Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding,
IP smurfing, LAND, Ping of Death and all re-assembly attacks. For example, the RX3141 Firewall provides
protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems in the
Internet. The RX3141 Firewall also provides protection from a variety of common Internet attacks such as IP
Spoofing, Ping of Death, Land Attack, and Reassembly attacks.
The type of attack protections/detections provided by the RX3141 is listed in Table 2.1.