Manuals / SonicWALL / Household Appliance / Humidifier

SonicWALL TZ 180 manual Deep Packet Inspection Flow Diagram, NPUTP0ACKET UTPUT 0ACKET

Models: TZ 180

1 40

Download 40 pages 19.53 Kb

Page 17

Figure 1 Deep Packet Inspection Flow Diagram

SonicWALL Deep Packet Inspection

Figure 1 Deep Packet Inspection Flow Diagram

)NPUTP0ACKET

/UTPUT 0ACKET

The following steps describe how the SonicWALL Deep Packet Inspection Architecture functions:

1.Pattern Definition Language Interpreter uses signatures that can be written to detect and prevent against known and unknown protocols, applications and exploits.

2.TCP packets arriving out-of-order are reassembled by the Deep Packet Inspection framework.

3.Deep Packet Inspection engine preprocessing involves normalization of the packet’s payload. For example, a HTTP request may be URL encoded and thus the request is URL decoded in order to perform correct pattern matching on the payload.

4.Deep Packet Inspection engine postprocessors perform actions which may either simply pass the packet without modification, or could drop a packet or reset a TCP connection.

5.SonicWALL’s Deep Packet Inspection framework supports complete signature matching across the TCP fragments without performing any reassembly (unless the packets are out of order). This results in more efficient use of processor and memory for greater performance.

SonicWALL TZ 180 TotalSecure

17

Image 17

SonicWALL TZ 180 manual Deep Packet Inspection Flow Diagram, NPUTP0ACKET UTPUT 0ACKET

Contents

Introduction What is TotalSecure?Document Scope Administrator’s GuideBenefits of TotalSecure GAV Overview SonicWALL Gateway Anti-VirusHow Does GAV Work? Benefits4SonicWALL TZ 180 TotalSecure SonicWALL Gateway Anti-VirusNTERNAL .ETWORK 0ROTECTION SonicWALL GAV Multi-LayeredApproachILEL$OWNLOAD 0ROTECTION $ESKTOP AND 3ERVER 0ROTECTIONInternal Network Protection Remote Site ProtectionSonicWALL Gateway Anti-Virus 6SonicWALL TZ 180 TotalSecureVirus Discarded Alert Logged HTTP File DownloadsVirus Discarded Alert Logged Server Protection SonicWALL GAV ArchitectureProtocol Handling Disabling the SonicWALL GAV/IPS EnginePOP3 SMTPIMAP HTTPIPS Overview SonicWALL Intrusion Prevention ServiceHow Does IPS Work? IM, P2P and Proprietary ProtocolsSonicWALL Intrusion Prevention Service What is a Zone?Benefits 12SonicWALL TZ 180 TotalSecureSonicWALL Anti-Spyware SonicWALL Anti-SpywareSecurity ServiceThe Spyware Threat Benefits14SonicWALL TZ 180 TotalSecure SonicWALL Anti-SpywareCFS Overview SonicWALL Content Filtering Service - PremiumHow Does CFS Premium Work? BenefitsDPI Overview SonicWALL Deep Packet InspectionHow Does DPI Work? BenefitsNPUTP0ACKET UTPUT 0ACKET Figure 1 Deep Packet Inspection Flow DiagramWhat is Security Dashboard? SonicWALL Security DashboardSecurity Dashboard Overview How Does the Security Dashboard Work? BenefitsSecurity Dashboard Overview 20SonicWALL TZ 180 TotalSecure Figure 2 SonicWALL Security DashboardSonicWALL Security Dashboard Benefits What is Security Dashboard?How Does the Security Dashboard Work? Registering Your SonicWALL Security Appliance Registering Your Appliance on MySonicWALLPage Registering Your SonicWALL Security Appliance TotalSecure Configuration Task ListApplying SonicWALL GAV Protection on Interfaces Setting Up SonicWALL GAV ProtectionEnabling SonicWALL GAV The Edit Zone Viewing SonicWALL GAV Status Information Specifying Protocol Filtering Updating SonicWALL GAV SignaturesEnabling Inbound Inspection TotalSecure Configuration Task ListEnabling Outbound SMTP Inspection Configuring Client Alerts and an Exclusion ListRestricting File Transfers Configuring Client AlertsConfiguring a SonicWALL GAV Exclusion List Displaying Signatures Viewing SonicWALL GAV SignaturesNavigating the Gateway Anti-VirusSignatures Table 1.Enable SonicWALL Intrusion Prevention ServiceEnabling SonicWALL IPS 2.Specify the Priority attack GroupsEnable IPS Logging Fine-tuningthe IPSThe Brute-forceBaseline Setup Specifying Global Attack Level Protection1.Enable SonicWALL Anti-Spyware Setting Up SonicWALL Anti-SpywareProtection2.Specify Spyware Danger Level Protection 3.Apply SonicWALL Anti-SpywareProtection to ZonesEnabling SonicWALL Anti-Spyware Specifying Spyware Danger Level Protection Setting Up CFS PremiumGlossary Deep Packet Inspection - looking at the data portion of the packet. Enables the firewall to investigate farther into the protocol to examine information at the application layer and defend against attacks targeting application vulnerabilities Related Documentation Version Number Solution Document Version HistoryDate 6/11/200740SonicWALL TZ 180 TotalSecure Related Documentation