Manuals / Netopia / Computer Equipment / Network Router

Netopia 4752 manual Design guidelines, Filtering example #2, Disadvantages of filters

Models: 4752

1 284
Download 284 pages 8.12 Kb
Page 182
Image 182

13-10 Administration Guide

Filtering example #2

Suppose a filter is configured to block all incoming IP packets with the source IP address of 200.233.14.0, regardless of the type of connection or its destination. The filter would look like this:

+-#---

Source IP Addr---

Dest IP Addr-----

Proto-Src.Port-D.Port--On?-Fwd-+

+----------------------------------------------------------------------

 

 

+

1

200.233.14.0

0.0.0.0

0

Yes No

 

 

 

+----------------------------------------------------------------------

 

 

+

This filter blocks any packets coming from a remote network with the IP network address 200.233.14.0. The 0 at the end of the address signifies any host on the class C IP network 200.233.14.0. If, for example, the filter is applied to a packet with the source IP address 200.233.14.5, it will block it.

In this case, the mask, which does not appear in the table, must be set to 255.255.255.0. This way, all packets with a source address of 200.233.14.x will be matched correctly, no matter what the final address byte is.

Note: The protocol attribute for this filter is 0 by default. This tells the filter to ignore the IP protocol or type of IP packet.

Design guidelines

Careful thought must go into designing a new filter set. You should consider the following guidelines:

Be sure the filter set’s overall purpose is clear from the beginning. A vague purpose can lead to a faulty set, and that can actually make your network less secure.

Be sure each individual filter’s purpose is clear.

Determine how filter priority will affect the set’s actions. Test the set (on paper) by determining how the filters would respond to a number of different hypothetical packets.

Consider the combined effect of the filters. If every filter in a set fails to match on a particular packet, the packet is:

Forwarded if all the filters are configured to discard (not forward)

Discarded if all the filters are configured to forward

Discarded if the set contains a combination of forward and discard filters

Disadvantages of filters

Although using filter sets can greatly enhance network security, there are disadvantages:

Filters are complex. Combining them in filter sets introduces subtle interactions, increasing the likelihood of implementation errors.

Enabling a large number of filters can have a negative impact on performance. Processing of packets will take longer if they have to go through many checkpoints.

Too much reliance on packet filters can cause too little reliance on other security methods. Filter sets are not a substitute for password protection, effective safeguarding of passwords, caller ID, the “must match”

Page 181 Page 183
Page 182
Image 182
Netopia 4752 manual Design guidelines, Filtering example #2, Disadvantages of filters
Page 181 Page 183

4752 specifications

The Netopia 4752 is a versatile networking device that serves as a digital subscriber line (DSL) modem and router, designed to provide high-speed internet connectivity and advanced networking capabilities for home and small office environments. This device is notable for its reliability and ease of use, making it a popular choice among users looking for seamless internet access.

One of the main features of the Netopia 4752 is its support for various DSL technologies, including ADSL and ADSL2+. This compatibility ensures that users can achieve optimal bandwidth and speed, even on legacy DSL lines. The modem’s capability to handle downstream speeds of up to 24 Mbps allows for smooth streaming, gaming, and browsing experiences.

Equipped with a robust built-in router, the Netopia 4752 offers multiple Ethernet ports for direct wired connections, accommodating multiple devices simultaneously. This feature is especially beneficial in environments where multiple users need to access the internet without latency. Additionally, the device supports wireless connectivity, enabling users to connect their laptops, smartphones, and other Wi-Fi-enabled devices effortlessly.

Security is a crucial aspect of the Netopia 4752’s functionality. The device incorporates a built-in firewall and supports various security protocols, including WPA and WPA2, ensuring that users’ data remains protected from unauthorized access. The user-friendly web-based interface facilitates easy configuration of security settings, making it accessible even for those with limited technical knowledge.

The Netopia 4752 also features advanced Quality of Service (QoS) settings that allow users to prioritize bandwidth for specific applications or devices. This capability is crucial for households or offices that demand high performance for video conferencing, streaming services, or online gaming.

In terms of characteristics, the Netopia 4752 boasts a compact form factor, making it easy to integrate into any workspace without occupying much space. Its durable design ensures longevity, providing reliable service over time.

Overall, the Netopia 4752 stands out as a dependable DSL modem and router solution, with its high-speed internet capabilities, security features, and flexible connectivity options suitable for both home and small office users who require efficient and effective internet access.