Справочник Пользователя для Interepoch Technology Inc. IWE3200
4
NAT server. Client computers can share a public IP address provided by an ISP (Internet
Service Provider) by NAT (Network Address Translation). And our NAT server function-
ality supports the following:
Service Provider) by NAT (Network Address Translation). And our NAT server function-
ality supports the following:
Virtual server.
Exposing servers on the intranet to the Internet.
PPTP, IPSec, and L2TP passthrough.
Passing VPN (Virtual Private Network)
packets through the intranet-Internet boundary. PPTP means Point-to-Point Tunneling
Protocol, IPSec means IP Security, and L2TP means Layer 2 Tunneling Protocol.
Protocol, IPSec means IP Security, and L2TP means Layer 2 Tunneling Protocol.
DMZ (DeMilitarized Zone). All unrecognized IP packets from the Internet can be
forwarded to a specific computer on the intranet.
forwarded to a specific computer on the intranet.
Multiple public IP addresses support.
An ISP may provide several public IP
addresses to a customer. The IWE3200 can map each of the public IP addresses to a
host with a private IP address on the intranet.
host with a private IP address on the intranet.
H.323 passthrough.
Passing H.323 packets through the intranet-Internet boundary
so that users on the intranet can use VoIP (Voice over IP) applications.
MSN Messenger support.
Supporting Microsoft MSN Messenger for chat, file
transfer, and real-time communication applications.
Session monitoring.
Latest 50 incoming sessions and 50 outgoing sessions are
shown for monitoring user traffic.
z
DSL/Cable Modem Support. Supporting dynamic IP address assignment by PPPoE
(Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.
(Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.
Multiple DSL/Cable connections support.
Supporting up to 4 DSL/cable-based
Internet connections. All outgoing traffic load from the internal network is shared among
the multiple Internet connections, so that total outgoing throughput is increased.
the multiple Internet connections, so that total outgoing throughput is increased.
z
Network Security
Packet address and port filtering.
Filtering outgoing packets based on IP address and
port number. (Incoming packet filtering is performed by NAT.)
URL filtering.
Preventing client users from accessing unwelcome Web sites. The HTTP
(HeperText Transfer Protocol) traffic to the specified Web sites identified by URLs (Uni-
versal Resource Locators) is blocked.
versal Resource Locators) is blocked.
WAN ICMP requests blocking.
Some DoS (Denial of Service) attacks are based on
ICMP requests with large payloads. Such kind of attacks can be blocked.
Stateful Packet Inspection (SPI).
Analyzing incoming and outgoing packets based on
a set of criteria for abnormal content. Therefore, SPI can detect hacker attacks, and can
summarily reject an attack if the packet fits a suspicious profile.
summarily reject an attack if the packet fits a suspicious profile.