Справочник Пользователя для ASUS rx3041h
RX3041H User’s Manual
Chapter 2 Getting to Know the RX3041H
7
2.4.1.6
Application Level Gateway (ALG)
Applications such as FTP, games etc., open connections dynamically based on the respective application
parameter. To go through the firewall on the RX3041H, packets pertaining to an application, require a
corresponding allow rule. In the absence of such rules, the packets will be dropped by the RX3041H Firewall.
As it is not feasible to create policies for numerous applications dynamically (at the same time without
compromising security), intelligence in the form of Application Level Gateways (ALG), is built to parse packets
for applications and open dynamic associations. The RX3041H Firewall provides a number of ALGs for
popular applications such as FTP, H.323, RTSP, Microsoft Games, SIP, etc.
parameter. To go through the firewall on the RX3041H, packets pertaining to an application, require a
corresponding allow rule. In the absence of such rules, the packets will be dropped by the RX3041H Firewall.
As it is not feasible to create policies for numerous applications dynamically (at the same time without
compromising security), intelligence in the form of Application Level Gateways (ALG), is built to parse packets
for applications and open dynamic associations. The RX3041H Firewall provides a number of ALGs for
popular applications such as FTP, H.323, RTSP, Microsoft Games, SIP, etc.
2.4.1.7 URL
Filtering
defined. Any URL containing one or more of these keywords will be blocked. This is a policy independent
feature i.e. it cannot be associated to ACL rules. This feature can be independently enabled or disabled, but
works only if firewall is enabled.
feature i.e. it cannot be associated to ACL rules. This feature can be independently enabled or disabled, but
works only if firewall is enabled.
2.4.1.8 Log
and
Alerts
Events in the network, that could be attempts to affect its security, are recorded in the RX3041H System log
file. Event details are recorded in WELF (WebTrends Enhanced Log Format ) format so that statistical tools
can be used to generate custom reports. The RX3041H Firewall can also forward Syslog information to a
Syslog server on a private network.
file. Event details are recorded in WELF (WebTrends Enhanced Log Format ) format so that statistical tools
can be used to generate custom reports. The RX3041H Firewall can also forward Syslog information to a
Syslog server on a private network.
The RX3041H Firewall supports:
Alerts sent to the administrator via e-mail.
Maintains at a minimum, log details such as, time of packet arrival, description of action taken by
Maintains at a minimum, log details such as, time of packet arrival, description of action taken by
Firewall and reason for action.
Supports the UNIX Syslog format.
Sends log report e-mails as scheduled by the network administrator or by default when the log file is
Sends log report e-mails as scheduled by the network administrator or by default when the log file is
full.
All the messages are sent in the WELF format.
ICMP logging to show code and type.
ICMP logging to show code and type.
2.4.1.9 Remote
Access
The RX3041H Firewall allows the network administrator to segregate the user community into Access Policies
per group. A user can log in using the login page (Refer to “User Login Process” on page 67). After a user is
authenticated successfully, the RX3041H Firewall dynamically activates the user-group’s set of access policies.
per group. A user can log in using the login page (Refer to “User Login Process” on page 67). After a user is
authenticated successfully, the RX3041H Firewall dynamically activates the user-group’s set of access policies.
These policies will subsequently be enforced until the user logs out of the session or until inactivity timeout
period has lapsed.
period has lapsed.