Avaya 38DHB0002UKDD manual Firewall Rules, Generic Protocol

Firewall Rules

1.The default behaviour for incoming session is to block, unless a specific entry exists to forward the session.

2.ICMP are blocked for incoming sessions by default may not be forwarded

3.Non-default protocols are forwarded for outgoing connection unless a specific entry exists to drop the session

4.When an Entry match offset is set to 0 all data in IP header is matched (effectively this don’t care mechanism)

5.When an Entry is configured with the protocols set to 0 all protocols are matched (effectively this is a don’t care)

6.The firewall engine searches the entry list only until the first match is found.

7.To aid the efficiency of the firewall engine matches are not performed on entries that have the same action as the generic. For example, if FTP is to be dropped and a further entry exists, that entry will not be checked before the packet is dropped.

8.If a packet contains an unauthorised request such as a banned Web site, the IPNC immediately replies to the packet's originator with a protocol exchange that terminates the transaction, effectively blocking the request.

9.The Action are outgoing (Out), incoming (In), Bothway or not at all (Drop). The default protocols that can be easily configured this way are:-

10.Multiple firewall profiles may be created, a profile may be assigned to a service for outgoing call or for User incoming calls. A firewall configuration may be assigned to one or may services or user configuration.