ProSafe VPN Firewall 200 FVX538 Reference Manual
•LAN Security Checks. A UDP flood is a form of denial of service attack that can be initiated when one machine sends a large number of UDP packets to random ports on a remote host. As a result, the distant host will (1) check for the application listening at that port, (2) see that no application is listening at that port and (3) reply with an ICMP Destination Unreachable packet.
When the victimized system is flooded, it is forced to send many ICMP packets, eventually making it unreachable by other clients. The attacker may also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach him, thus making the attacker’s network location anonymous.
If enabled, the router will not accept more than 20 simultaneous, active UDP connections from a single computer on the LAN.
•VPN Pass through. When the router is in NAT mode, all packets going to the Remote VPN Gateway are first filtered through NAT and then encrypted per the VPN policy.
For example, if a VPN Client or Gateway on the LAN side of this router wants to connect to another VPN endpoint on the WAN (placing this router between two VPN end points), encrypted packets are sent to this router. Since this router filters the encrypted packets through NAT, the packets become invalid unless VPN Pass through is enabled.
When enabled, the VPN tunnel will pass the VPN traffic without any filtering. Tunnels can be:
–IPSec
–PPTP
–L2TP
To enable the appropriate Attack Checks for your environment:
1.Select Security from the main menu, Firewall Rules from the submenu and then the Attack Checks tab. The Attack Checks screen will display.
2.Check the radio boxes of the Attack Checks you wish to initiate.
Firewall Protection and Content Filtering |
v1.0, August 2006
