Always enabled:
— Ethertype
Filters are configured in general router configuration mode, then applied to the Ethernet or frame relay network interface. Filters are applied to traffic in either the transmit or receive direction on that interface.
There is one filter access list per interface, per direction, with a maximum of
33 rules per list. For IP filters, all rules with a source host IP address are applied first; all rules with a destination host IP address are applied next. The remaining filters are applied in the order in which they were configured.
Bridge filtering does not apply when the router is in router-only mode. When bridging is enabled, separate ethertype filters are applied to the Ethernet and frame relay interfaces. They are applied to traffic in either the transmit or receive direction on that interface, with one filter access list per interface, per direction. There is a maximum of 16 rules per list. Each rule in the access list allows the user to filter a single ethertype or range of ethertypes.
MAC frames can be filtered based on the:
SNAP Ethernet field in the 802.2 and 802.3 header. ￿Protocol type field in the DIX Ethernet header.
For ethertype filters, the rules are applied in the order in which they were configured.
￿
￿Router filtering does not apply when the router is in bridge-only mode. By default, filtering is disabled on the router. Filtering provides security advantages on LANs by restricting traffic on the network. A filter consists of a set of rules applied to a specific interface to indicate whether a packet received or sent on that interface is forwarded or discarded.
The router offers security via the following:
Filtering can be enabled or disabled for inbound and/or outbound traffic:
— IP Protocol Type: TCP, UDP, or ICMP
— Smurf Attack Prevention
— Land Bug Prevention
— IP Source/Destination IP Address
— TCP/UDP Ports
— ICMP Message Type, Code

5. Configuring the FrameSaver DSL Router

Router Security

IP Router Filtering

Bridge Filtering

9700-A2-GB20-20

December 2002

5-15

Page 118 Page 120
Page 119
Image 119
Paradyne 9720, 9788 manual Router Security, IP Router Filtering Bridge Filtering
Page 118 Page 120

9720, 9788 specifications

The Paradyne 9820-8M, 9788, 9128 standalone, 9128 carrier-mount, and 9820-2M are critical components in telecommunications networks, designed to enhance data transmission and improve connectivity. Each model offers unique features and capabilities that cater to various requirements in both enterprise and service provider environments.

The Paradyne 9820-8M is a multi-service access platform that provides high-speed connectivity for voice, video, and data transmission. It supports multiple protocols, enabling seamless integration into existing infrastructures. Key features include a modular design that allows for scalability and easy upgrades, ensuring that organizations can adapt to evolving demands. Its advanced error correction and QoS (Quality of Service) features ensure reliable performance, even in challenging network conditions.

The Paradyne 9788 serves as a versatile platform for both digital and analog communications. It excels in the delivery of broadband services, supporting T1/E1 lines and providing robust mechanisms for data transmission. This model emphasizes redundancy and resilience, with built-in protection switching capabilities that maintain service continuity during faults or maintenance activities. Its compact design makes it an ideal solution for environments with space constraints.

The 9128 standalone model is aimed at customers requiring an easy-to-deploy solution for point-to-point connections. This model offers critical features such as an intuitive user interface, comprehensive diagnostics, and monitoring capabilities that facilitate system management. It also supports diverse network topologies, making it suitable for various deployment scenarios.

In contrast, the 9128 carrier-mount version is engineered for organizations needing to manage multiple connections within a central office or remote site. This model is specifically designed to be mounted in standard telecom racks, optimizing space utilization while maintaining high performance. Its robust hardware allows for excellent thermal management and environmental resilience.

Lastly, the Paradyne 9820-2M combines versatility with high-performance capabilities, making it a reliable choice for service providers. It features dual-channel support, enabling simultaneous transmission and providing a cost-effective solution for high-capacity data needs. With enhanced security features, including encryption capabilities, the 9820-2M ensures that sensitive information transmitted across networks is protected against unauthorized access.

Collectively, these Paradyne models exemplify advanced telecommunications technology, offering scalability, resilience, and high performance. Their diverse features cater to the unique demands of various users, from enterprise networks to service providers, facilitating the continual evolution of communication technologies.
Top Page Image Contents