Firewall
BAT54-Rail/F..
Release
7.54
06/08
8.3
The BAT Firewall
265
D Re-establishing of the session (→ Page 265)
D Ping blocking (→ Page 266)
D Stealth mode(→ Page 267)
D Mask authentication port (→ Page 267)
U Firewall/QoS enabled
This option switches on or off the entire Firewall, including Quality of Service
functions.
Note: Please notice that the N:N mapping functions (’N:N mapping’
→ page 425) are only active when the Firewall has been switched on!
U Administrator email
One of the actions a Firewall can trigger is alerting of an network administra-
tor via email. The “administrator email” is the email account, to which the
alerting mails are sent to.
U Fragments
Some attacks from the Internet try to outsmart the Firewall by fragmented
packets (packets split into several small units). One of the main features of a
Stateful Inspection like in the BAT is the ability to re-assemble fragmented
packets in order to check afterwards the entire IP packet.
You can centrally adjust the desired behavior of the Firewall. The following
options are available:
D Filter: Fragmented packets are directly discarded by the Firewall.
D Route: Fragmented packets are passed on without any further checking
by the Firewall, as long as permitted by valid filter settings.
D Re-assemble: Fragmented packets are buffered and re-assembled to
complete IP packets. The re-assembled packets will then be checked and
treated according to the valid filter settings.
U Session recovery
The Firewall enters all actual permitted connections into the connection list.
Entries disappear automatically from the connection list after a certain time
(timeout), when no data has been transmitted over this connection any more
re-triggering the timeout.
To Next Page
Loading...
Need help?
General
