ZyXEL Communications manual What kind of firewall is the P320W?

Page 60

P320W Support Notes

as UNIX or Windows NT. It hides valuable data by requiring users to communicate with secure systems by mean of a proxy. A key drawback of this device is performance.

Stateful Inspection Firewalls restrict access by screening data packets against defined access rules. They make access control decisions based on IP address and protocol. They also 'inspect' the session data to assure the integrity of the connection and to adapt to dynamic protocols. The flexible nature of Stateful Inspection firewalls generally provides the best speed and transparency, however, they may lack the granular application level access control or caching that some proxies support.

What kind of firewall is the P320W?

1.The P320W's firewall inspects packets contents and IP headers. It is applicable to all protocols that understand data in the packet is intended for other layers, from network layer up to the application layer.

2.The P320W's firewall performs stateful inspection. It takes into account the state of connections it handles so that, for example, a legitimate incoming packet can be matched with the outbound request for that packet and allowed in. Conversely, an incoming packet masquerading as a response to a nonexistent outbound request can be blocked.

3.The P320W's firewall uses session filtering, i.e., smart rules, that enhance the filtering process and control the network session rather than control individual packets in a session.

4.The P320W's firewall is fast. It uses a hashing function to search the matched session cache instead of going through every individual rule for a packet.

Why do you need a firewall when your router has packet filtering and NAT built-in?

With the spectacular growth of the Internet and online access, companies that do business on the Internet face greater security threats. Although packet filter and NAT restrict access to particular computers and networks, however, for the other companies this security may be insufficient, because packets filters typically cannot maintain session state. Thus, for greater security, a firewall is considered.

What is Denials of Service (DoS) attack?

Denial of Service (DoS) attacks is aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources.

There are four types of DoS attacks:

1. Those that exploits bugs in a TCP/IP implementation such as Ping of Death and Teardrop.

60

All contents copyright (c) 2005 ZyXEL Communications Corporation.

Page 59 Page 61
Image 60
Page 59 Page 61
Contents Prestige 320W P320W Support Notes Ireless FAQ Trouble Shooting Internet Connection Ethernet connectionTCP/IP Installation TCP/IP ConfigurationSetting up the Prestige router P320W Support Notes P320W Support Notes Configure an Internal Server Behind SUA Service Port Number SmtpUsing the Dynamic DNS Ddns Network Management Using Snmp Snmp OverviewP320W Support Notes SNMPv1 Operations Get GetNextSet TrapZyXEL Snmp Implementation Configure the Prestige for Snmp Get CommunityUsing Prestige traffic redirect Set CommunityTraffic Redirect on LAN port Using Universal Plug n Play UPnP What is UPnPUsing UPnP in ZyXEL devices Go to Management-UPnP, check Enable UPnP service P320W Support Notes Finally, your video conversation is achieved Infrastructure Mode What is Infrastructure mode?P320W Support Notes Configuration Wireless Station to Infrastructure mode P320W Support Notes Double click on the AP you want to associated with Wireless MAC Address Filtering MAC Filter OverviewConfigure the Wlan MAC Filter ZyXEL MAC Filter ImplementationWEP Configuration IntroductionP320W Support Notes Setting up the Access Point Key settings Setting up the StationP320W Support Notes P320W Support Notes Ieee Ieee 802.1x IntroductionAuthenticator Authentication ServerSupplicant Authentication Port State and Authentication Control Re-Authentication Eapol Exchange between 802.1x Authenticator and Supplicant P320W Support Notes Using WEB Configuration Using External Radius Authentication Server P320W Support Notes Site Survey Preparation Survey on SiteP320W Support Notes P320W Support Notes FAQ What is the P320W 802.11g Wireless Firewall Router?What is PPPoE? Will the P320W work with my Internet connection?What do I need to use the Prestige? Does the Prestige support PPPoE?How do I know I am using PPPoE? Why does my provider use PPPoE?How can I configure the Prestige? Which Internet Applications can I use with the Prestige?How does e-mail work through the Prestige? What Dhcp capability does the Prestige support? How fast can the data go?Your ISP checks the MAC address Your ISP checks the Host Name What is BOOTP/DHCP What is DdnsWhen do I need Ddns service? What is a network firewall? What makes P320W secure?What are the basic types of firewalls? What is Denials of Service DoS attack? What kind of firewall is the P320W?What is Ping of Death attack? What is Teardrop attack?What is SYN Flood attack? What is Land attack?What is IP Spoofing attack? What is a Wireless LAN?What are the advantages of Wireless LANs? What are the disadvantages of Wireless LANs? Where can you find wireless 802.11 networks?What is an Access Point? What is Ieee 802.11? What is 802.11b?What is 802.11a? What is 802.11g?What is Wi-Fi? Does the 802.11 interfere with Bluetooth devices?Can radio signals pass through walls? Is it possible to use products from a variety of vendors?What is Ad Hoc mode? What is Infrastructure mode?How many Access Points are required in a given area? Whats the difference between a Wlan and a WWAN?What is Direct-Sequence Spread Spectrum Technology DSSS? What is Frequency-hopping Spread Spectrum Technology FHSS?Why the 2.4 Ghz Frequency range? What is Server Set ID SSID?What is an ESSID? What is WEP?What is the difference between 40-bit and 64-bit WEP? What is a WEP key?What is Wireless Sniffer? Can the Ssid be encrypted?What are Insertion Attacks? Open SystemWhat is 802.1x? What is AAA?What is RADIUS? Why cannot access the Prestige from my computer? Why cannot access the Internet?Your ISP checks the MAC address Unable to run applications ZyXEL SUA Supporting TableApplication Outgoing Connection Incoming Connection NAT-T P320W Support Notes
Top Page Image Contents