ADS Technologies SNA6500 Schedule Rule, Intrusion Detection Intrusion Detection Feature

Page 22

EN

Schedule Rule

You may filter Internet access for local clients based on rules. Each access control rule may be activated at a scheduled time. Define the time schedule on this page, and apply the rule on the Access Control page.

Intrusion Detection

Intrusion Detection Feature

Stateful Packet Inspection (SPI) and Anti-DoS firewall protection

(Default: Enabled) - The Intrusion Detection Feature of the ADSL Wireless Base Station limits access for incoming traffic at the WAN port. When the SPI feature is turned on, all incoming packets will be blocked except for those types marked in the Stateful Packet Inspection section.

RIP Defect (Default: Disabled) - If an RIP request packet is not acknowledged to by the router, it will stay in the input queue and not be released. Accumulated packets could cause the input queue to fill, causing severe problems for all protocols. Enabling this feature prevents the packets from accumulating.

Discard Ping to WAN (Default: Disabled) - Prevent a ping on the ADSL Wireless

Base Station's WAN port from being routed to the network.

Scroll down to view more information.

Stateful Packet Inspection

This is called a ‘stateful’ packet inspection because it examines the contents of the packet to determine the state of the communications; i.e., it ensures that the stated destination computer has previously requested the current communication. This is a way of ensuring that all communications are initiated by the recipient computer and are taking place only with sources that are known and trusted from previous interactions. In addition to being more rigorous in their inspection of packets, stateful inspection firewalls also close off ports until connection to the specific port is requested.

When particular types of traffic are checked, only the particular type of traffic initiated from the internal LAN will be allowed. For example, if the user only checks ‘FTP Service’ in the Stateful Packet Inspection section, all incoming traffic will be blocked except for FTP connections initiated from the local LAN.

Stateful Packet Inspection allows you to select different application types that are using dynamic port numbers. If you wish to use the Stateful Packet Inspection (SPI) to block packets, click on the Yes radio button in the ‘Enable SPI and Anti-DoS firewall protection’ field and then check the inspection type that you need, such as

Packet Fragmentation, TCP Connection, UDP Session, FTP Service, H.323 Service, or TFTP Service.

When hackers attempt to enter your network, the SNA6500 can alert you by e-mail

If the mail server needs to authenticate your identification before sending out any e-mail, please fill related information in POP3 server, username and password fields. Otherwise leave the three fields blank.

Connection Policy

Enter the appropriate values for TCP/UDP sessions as described in the following table.

Note: The firewall does not significantly affect system performance, so we advise enabling the prevention features to protect your network.

DMZ

If you have a client PC that cannot run an Internet application properly from behind the firewall, you can open the client up to unrestricted two-way Internet access. Enter the IP address of a DMZ (Demilitarized Zone) host on this screen. Adding a client to the DMZ may expose your local network to a variety of security risks, so only use this option as a last resort.

22

Page 21 Page 23
Image 22
Page 21 Page 23
Contents SNA6500 Helpline European RegulationsAdsl Port Power InletReset Button On/offTable of Contents Wireless and Wired LAN About the Adsl Wireless Base StationFeatures and Benefits Internet AccessSecurity Safety PrecautionsPackaging contents Important informationSystem Requirements LED IndicatorsISP Settings Hardware DescriptionConnect the System Phone Line ConfigurationConnect the Adsl Line TCP/IP Configuration Windows 98/MeObtain IP Settings from Your Adsl Wireless Base Station Windows NT Disable Http Proxy Windows Windows XP Configuring Your Macintosh Computer Configuring your wireless adapter Internet ExplorerPage Adsl settings Setup WizardWireless settings Getting StartedConnection Status Adsl Status Adsl / Internet settingsISP settings ParametersMAC Filter Access ControlFirewall URL BlockingSchedule Rule Intrusion Detection Intrusion Detection FeatureConnection Policy Wireless security Wireless EncryptionWPA 802.1XWireless Home network settingsNetwork settings StatusWDS Virtual Server Advanced settingsAddress Mapping Special ApplicationsMaintenance SystemParameter Description Remote ManagementSnmp Community Snmm TrapQoS Upnp Universal Plug and Play settingsDdns Dynamic DNS settings Traffic mappingRIP parameter RoutingStatic route parameter Routing tableLinux Windows NT4/2000/XPMacintosh MAC addressWizard Network Settings Page For Windows 98SE and Windows Me Page Click ‘OK’ to accept the changes Problem Solution Settings will be lost, also your ISP settingsPhysical Characteristics Environmental Manufacturers name Title and/or number and date of issue of the standardsReport No Manufacturers address
Top Page Image Contents