IP Filters

Depending on whether there is an existing Internet connection, or in other words “the WAN link status is up or down”, the IP filter architecture categorizes traffic into two: Call Filter and Data Filter.

zCall Filter - When there is no existing Internet connection, Call Filter is applied to all traffic, all of which should be outgoing. It will check packets according to the filter rules. If legal, the packet will pass. Then the router shall “initiate a call” to build the Internet connection and send the packet to Internet.

zData Filter - When there is an existing Internet connection, Data Filter is applied to incoming and outgoing traffic. It will check packets according to the filter rules. If legal, the packet will pass the router.

The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic respectively.

Stateful Packet Inspection (SPI)

Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy static packet filtering, which examines a packet based on the information in its header, stateful inspection builds up a state machine to track each connection traversing all interfaces of the firewall and makes sure they are valid. The stateful firewall of Vigor router not just examine the header information also monitor the state of the connection.

Vigor2910 Series User’s Guide

65

Page 70 Page 72
Page 71
Image 71
Draytek 2910 manual IP Filters, Stateful Packet Inspection SPI
Page 70 Page 72

2910 specifications

The DrayTek 2910 is a versatile and robust router designed primarily for small to medium-sized businesses, offering a wide array of features that cater to various networking needs. With its advanced capabilities, it delivers superior performance and flexibility for organizations that demand reliable internet connectivity.

One of the defining characteristics of the DrayTek 2910 is its dual WAN capabilities. This allows users to connect two different internet service providers, ensuring that the network remains operational even if one connection fails. The router can automatically switch between the WANs, providing seamless failover and load balancing. This feature is essential for businesses that require constant uptime and reliability.

The DrayTek 2910 is equipped with multiple Ethernet ports, enabling it to support various devices and create a robust local area network (LAN). The router includes VLAN support, which allows for the segmentation of the network into different virtual networks, enhancing security and performance by isolating sensitive data traffic.

Another notable aspect of the DrayTek 2910 is its comprehensive security features. It includes a built-in firewall, which protects the network from external threats and unauthorized access. The router supports various protocols, including VPN (Virtual Private Network), allowing secure remote access to the network. This capability is particularly beneficial for businesses with remote workers or those needing secure connections for branch offices.

DrayTek has also integrated advanced Quality of Service (QoS) features in the 2910, which prioritize bandwidth allocation to critical applications, ensuring that essential services receive the needed resources. This is crucial for maintaining the performance of VoIP (Voice over Internet Protocol) calls and video conferencing tools, which are increasingly vital in today’s business environment.

In terms of management, the DrayTek 2910 offers easy configuration through a user-friendly web interface, allowing administrators to set up and monitor the network with minimal effort. The device also supports TR-069 for remote management, enabling service providers to configure and monitor the router without requiring an on-site visit.

Overall, the DrayTek 2910 stands out for its blend of reliability, security, and performance, making it an excellent choice for businesses looking to enhance their networking capabilities while ensuring a secure and efficient operation. With its rich set of features and technologies, the DrayTek 2910 continues to be a preferred router for many organizations worldwide.
Top Page Image Contents