Asus RX3141 2.3.2.1Stateful Packet Inspection, 2.3.2.2Packet Filtering – ACL (Access Control List), 2.3.2.3Defense against DoS Attacks, 2.3.2Firewall Features

Chapter 2. Getting to Know

RX3141 User’s Manual

2.3.2Firewall Features

The firewall as implemented in RX3141 provides the following features to protect your network from being attacked and to prevent your network from being used as the springboard for attacks.

fStateful Packet Inspection

fPacket Filtering (ACL)

fDefense against Denial of Service Attacks

fLog

2.3.2.1Stateful Packet Inspection

The RX3141 Firewall uses “stateful packet inspection” that extracts state-related information required for the security decision from the packet and maintains this information for evaluating subsequent connection attempts. It has awareness of application and creates dynamic sessions that allow dynamic connections so that no ports need to be opened other than the required ones. This provides a solution which is highly secure and that offers scalability and extensibility.

2.3.2.2Packet Filtering – ACL (Access Control List)

ACL rule is one of the basic building blocks for network security. Firewall monitors each individual packet, decodes the header information of inbound and outbound traffic and then either blocks the packet from passing or allows it to pass based on the contents of the source address, destination address, source port, destination port, and protocol defined in the ACL rules.

ACL is a very appropriate measure for providing isolation of one subnet from another. It can be used as the first line of defense in the network to block inbound packets of specific types from ever reaching the protected network.

The RX3141 Firewall’s ACL methodology supports:

fFiltering based on destination and source IP address, port number and protocol

fUse of the wild card for composing filter rules

fFilter Rule priorities

2.3.2.3Defense against DoS Attacks

The RX3141 Firewall has an Attack Defense Engine that protects internal networks from known types of Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. For example, the RX3141 Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems in the Internet. The RX3141 Firewall also provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack, and Reassembly attacks.

The type of attack protections/detections provided by the RX3141 is listed in Table 2.1.