Cabletron Systems CSX100 series User Manual - Ip Internet Firewall

Router Feature Descriptions  97

Bridging and Routing Protocol Filtering

Filtering can be used to allow efficient usage of network resources and

provide security for your network and hosts.

IP Internet Firewall

The router supports IP Internet Firewall filtering to prevent unauthorized

access to your system and network resources from the Internet. A security

violation can occur when a packet is received from a WAN link, typically

connected from the Internet, which has the source IP address of a secure host

on your LAN.  Using this secure host address, functions can be performed

which only the secure host is authorized to perform.  This filter discards

packets received from the WAN which have a source IP address recognized as

a local LAN address.

Note: Most routers’ Firewall implementations protect against one form of

intrusion. The built-in protection Firewall of the router does not take the

place of a professional Firewall system designed to protect against multiple

violations.

Bridge Filtering

Bridge filtering allows a network administrator to control the flow of packets

across the router.  Bridge filtering can be used to ‘deny’ or ‘allow’ the

transmission or reception of packets based on a ‘matched pattern’ using a

specified position and hexadecimal content within the packet. Common uses

are to prevent access to remote networks, control unauthorized access to the

local network and limit unnecessary traffic.  (This feature is configured

through the Command Line Interface.)

Bandwidth Optimization Features

The router provides a number of features to maximize throughput and

minimize usage of WAN resources.

Data Compression

The router supports data compression of up to 4:1 allowing data transfer rates

over an ISDN line at up to 512Kbps.