5 Programmable Filtering

Programmable filtering gives the network manager the ability to control under what conditions Ethernet frames are forwarded across bridge or bridge/router ports. There are many reasons why this might need to be accomplished, some of which are security, protocol discrimination, bandwidth conservation, and general restrictions.

To reach a specific filtering goal, there is usually more than one possible filter expression that may be used. This of course is dependent on the specific filtering requirement, and how flexible the filter should be.

The following pages describe how programmable filters may be used in typical applications. Although this is only a small sampling of the many possibilities, a cross-section of use of filters is presented.

MAC Address Filtering

Security

The need for security has become increasingly important in Local Area Networking, and with the use of programmable filters, security may be easily and effectively implemented across segment boundaries. By defining a programmable filter, the network manager may control what traffic is allowed between LAN segments, thereby controlling the security of resources by preventing unauthorized user access.

The P840 router provides three built-in functions – in addition to defined programmable masks – to control the access to resources. The first function is “Filter if Source the second is “Filter if Destination The third function allows you to change the filter operation from “positive” to “negative”. Positive filter operation causes the specified MAC addresses to be filtered according to the entered method. Negative filter operation causes the specified MAC addresses to be forwarded according to the entered method.

You may easily prevent any station on one segment from accessing a specific resource on the other segment; for this, “positive” filtering and the use of “Filter if Destination” would be appropriate. If you want to disallow a specific station from accessing any service, “Filter if Source” could be used.

You may easily prevent stations on one segment from accessing all but a specific resource on the other segment; for this, “negative” filtering and the use of “Forward if Destination” would be appropriate. If you want to disallow all but a specific station from accessing any service on the other segment, the use of “Forward if Source” could be used.

Example cases are found on the following pages.

TCP/IP, XNS, and Novell Netware frame formats, as well as some common Ethernet type codes, are found by the back cover.

41

Page 40 Page 42
Page 41
Image 41
Perle Systems P840 manual MAC Address Filtering, Security
Page 40 Page 42

P840 specifications

Perle Systems is renowned for its high-performance networking hardware, and the Perle P840 model exemplifies this reputation with its advanced features and technologies. Designed for small to medium-sized enterprises, the P840 serves as a versatile and reliable solution for connectivity needs.

One of the main features of the Perle P840 is its robust network performance, supporting both Ethernet and serial connectivity. With support for RS-232, RS-422, and RS-485 interfaces, the P840 enables seamless integration of legacy devices into modern network architectures, allowing businesses to leverage existing infrastructure without the need for extensive upgrades.

The P840 also boasts advanced security features to protect sensitive data during transmission. It supports SSL encryption and VPN capabilities, ensuring that data travels securely across the network. Additionally, it implements strong authentication protocols, providing organizations with peace of mind knowing that their communications are safeguarded against potential threats.

Another standout characteristic of the P840 is its flexibility in configuration. It offers multiple port configurations, allowing for customization based on specific user needs. With options for both managed and unmanaged modes, the device can easily adapt to various network environments. This flexibility makes it suitable for diverse applications, including industrial automation, process control, and telecommunications.

The Perle P840 is designed for durability and reliability, featuring a rugged enclosure that can withstand demanding environments. Its solid-state components reduce the risk of failure, contributing to increased uptime and lower maintenance costs. Furthermore, the compact design allows for easy installation in tight spaces, making it a practical choice for various deployment scenarios.

In terms of management and monitoring, the P840 includes an intuitive web-based interface, enabling administrators to configure settings and monitor network performance effortlessly. SNMP support further enhances management capabilities, allowing for integration into larger network management systems.

Overall, the Perle P840 stands out as a powerful solution for enterprises seeking seamless connectivity, robust security, and flexibility in configuration. Its combination of advanced features and durable design makes it an ideal choice for industries requiring reliable serial and network connectivity in challenging environments. With the P840, businesses can build a resilient networking infrastructure that supports their growing demands while safeguarding their critical data.
Top Page Image Contents