P320W Support Notes
as UNIX or Windows NT. It hides valuable data by requiring users to communicate with secure systems by mean of a proxy. A key drawback of this device is performance.
Stateful Inspection Firewalls restrict access by screening data packets against defined access rules. They make access control decisions based on IP address and protocol. They also 'inspect' the session data to assure the integrity of the connection and to adapt to dynamic protocols. The flexible nature of Stateful Inspection firewalls generally provides the best speed and transparency, however, they may lack the granular application level access control or caching that some proxies support.
What kind of firewall is the P320W?
1.The P320W's firewall inspects packets contents and IP headers. It is applicable to all protocols that understand data in the packet is intended for other layers, from network layer up to the application layer.
2.The P320W's firewall performs stateful inspection. It takes into account the state of connections it handles so that, for example, a legitimate incoming packet can be matched with the outbound request for that packet and allowed in. Conversely, an incoming packet masquerading as a response to a nonexistent outbound request can be blocked.
3.The P320W's firewall uses session filtering, i.e., smart rules, that enhance the filtering process and control the network session rather than control individual packets in a session.
4.The P320W's firewall is fast. It uses a hashing function to search the matched session cache instead of going through every individual rule for a packet.
Why do you need a firewall when your router has packet filtering and NAT
With the spectacular growth of the Internet and online access, companies that do business on the Internet face greater security threats. Although packet filter and NAT restrict access to particular computers and networks, however, for the other companies this security may be insufficient, because packets filters typically cannot maintain session state. Thus, for greater security, a firewall is considered.
What is Denials of Service (DoS) attack?
Denial of Service (DoS) attacks is aimed at devices and networks with a connection to the Internet. Their goal is not to steal information, but to disable a device or network so users no longer have access to network resources.
There are four types of DoS attacks:
1. Those that exploits bugs in a TCP/IP implementation such as Ping of Death and Teardrop.
60
All contents copyright (c) 2005 ZyXEL Communications Corporation.