EasyManua.ls Logo

Radware Alteon - Basic Filtering Features; Filtering Benefits; Filtering Classification Criteria

Radware Alteon
842 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Alteon Application Switch Operating System Application Guide
Filtering and Traffic Manipulation
356 Document ID: RDWR-ALOS-V2900_AG1302
Basic Filtering Features
Alteon includes extensive filtering capabilities at the Layer 2 (MAC), Layer 3 (IP), Layer 4 (TCP/
UDP), and Layer 7 (content-based) levels.
This section includes an overview of the following topics:
Filtering Benefits, page 356
Filtering Classification Criteria, page 356
Filtering Actions, page 357
Stacking Filters, page 358
Overlapping Filters, page 358
Default Filter, page 359
Optimizing Filter Performance, page 359
Filtering with Network Classes, page 360
IP Address Ranges, page 360
Filter Logs, page 361
Cached Versus Non-Cached Filters, page 362
Filtering Benefits
Filtering provides the following benefits:
Filtering of Layer 2 non-IP framesIn Alteon, a filter can specify only source MAC and
destination MAC addresses, and capture and apply an allow.
Increased security for server networksFiltering gives you control over the types of traffic
permitted through Alteon. Filters can be configured to allow or deny traffic from Layer 2 through
Layer 7, including: MAC address, IP address, protocol, Layer 4 port, Layer 7 string or pattern
content.
Layer 2-only filters, as described in MAC-Based Filters for Layer 2 Traffic, page 373
, can be
configured to allow or deny non-IP traffic.
Map the source or destination IP addresses and portsGeneric NAT can be used to map
the source or destination IP addresses and the ports of private network traffic to or from
advertised network IP addresses and ports.
Note: When applied to ports, Alteon filters work exclusively in ingress and not egress.
Filtering Classification Criteria
Up to 2048 filters can be configured. Descriptive names can be used to define filters. Each filter can
be set to perform Filtering Actions, page 357
based on any combination of the following filter
options:
Table 29: Filter Options
Filter Option Description
smac Source MAC address
dmac Destination MAC address
ipver IP version
sip Source IP address or range (see IP Address Ranges, page 360
)

Table of Contents

Other manuals for Radware Alteon

Preview: Installation And Maintenance Guide
Installation And Maintenance Guide98 pages