Flags: | The Flags of route entry. The Flags describe certain characteristics of the |
| route. |
Logical Interface: | The logical interface of route entry. |
Physical | The physical interface of route entry. |
Interface: | |
Metric | The Metric of route entry. |
3.4 Firewall
3.4.1 Anti ARP Spoofing
ARP (Address Resolution Protocol) is used to analyze and map IP addresses to the corresponding MAC addresses so that packets can be delivered to their destinations correctly.
ARP functions to translate the IP address into the corresponding MAC address and maintain an ARP Table, where the latest used IP address-to-MAC address mapping entries are stored. ARP protocol can facilitate the Hosts in the same network segment to communicate with one another or access to external network via Gateway. However, since ARP protocol is implemented with the premise that all the Hosts and Gateways are trusted, there are high security risks during ARP Implementation Procedure in the actual complex network.
The attacker may send the ARP spoofing packets with false IP address-to-MAC address mapping entries, and then the device will automatically update the ARP table after receiving wrong ARP packets, which results in a breakdown of the normal communication. Thus, ARP defense technology is generated to prevent the network from this kind of attack.
3.4.1.1IP-MAC Binding
IP-MAC Binding functions to bind the IP address, MAC address of the host together and only allows the Hosts matching the bound entries to access the network.
Choose the menu Firewall→Anti ARP Spoofing→IP-MAC Binding to load the following page.
-70-