Overview Firewall
iMG/RG Software Reference Manual (IPNetwork Functions)
Victim Protection Block Duration: 600
Scan Detection Threshold: 5
Scan Detection Period: 10
Port Flood Detection Threshold: 10
Host Flood Detection Threshold: 20
FloodDetectPeriod : 10
Max TCP Open Handshaking Count: 5
Max PING Count: 15
Max ICMP Count: 100
4.3 Firewall
4.3.1 Overview
The AT-iMG Models security system implements a stateful Firewall providing high security by blocking certain
incoming traffic based on stateful information.
Each time outbound packets are sent from an internal host to an external host, the following information is
logged by the Firewall:
• Source and destination addresses
• Port number
• Sequencing information
• Additional flags for each connection associated with that particular internal host
All inbound packets are compared against this logged information and are only allowed through the Firewall if it
can be determined that they are part of an existing connection. This makes it very difficult for hackers to break
through the stateful Firewall, because they would need to know addresses, port numbers, sequencing information
and individual connection flags for an existing session to an internal host.
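The check described above can be modelled as a small session table. This is an added example, not code from the AT-iMG firmware or from this manual; the names Packet, StateTable and WINDOW, the window size, the simplified TCP handling and the sample addresses are all assumptions made for illustration.

```python
from dataclasses import dataclass

SYN, ACK, FIN = 0x02, 0x10, 0x01
WINDOW = 65535        # assumed tolerance for sequence checks
MOD = 2 ** 32         # TCP sequence numbers wrap at 32 bits

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int
    seq: int
    ack: int = 0
    length: int = 0

def seq_after(p):
    """Sequence number that follows this packet (SYN and FIN consume one)."""
    return (p.seq + p.length + bool(p.flags & (SYN | FIN))) % MOD

class StateTable:
    def __init__(self):
        self.sessions = {}   # (inside ip, port, outside ip, port) -> state

    def outbound(self, p):
        """Log addresses, ports, sequencing and flags of an outbound packet."""
        s = self.sessions.setdefault((p.src, p.sport, p.dst, p.dport), {"peer_next": None})
        s["next_seq"], s["flags"] = seq_after(p), p.flags

    def inbound(self, p):
        """Return True only if the packet fits a logged session."""
        s = self.sessions.get((p.dst, p.dport, p.src, p.sport))
        if s is None or not p.flags & ACK:
            return False     # no matching session, or not a reply
        if (s["next_seq"] - p.ack) % MOD > WINDOW:
            return False     # acknowledges data the inside host never sent
        if s["peer_next"] is not None and (p.seq - s["peer_next"]) % MOD > WINDOW:
            return False     # peer sequence number outside the expected range
        s["peer_next"] = seq_after(p)
        return True

def demo():
    """Constructed packets: one real reply and three that must be dropped."""
    fw = StateTable()
    fw.outbound(Packet("192.168.1.10", 40000, "203.0.113.5", 80, SYN, 1000))
    reply = Packet("203.0.113.5", 80, "192.168.1.10", 40000, SYN | ACK, 5000, 1001)
    other_host = Packet("198.51.100.7", 80, "192.168.1.10", 40000, SYN | ACK, 5000, 1001)
    bad_ack = Packet("203.0.113.5", 80, "192.168.1.10", 40000, ACK, 5001, 999999)
    unsolicited = Packet("203.0.113.5", 4444, "192.168.1.10", 22, SYN, 7000)
    return [fw.inbound(x) for x in (reply, other_host, bad_ack, unsolicited)]
```

Only the first packet passes: the others fail on address, on acknowledgement number, or because no outbound packet ever opened that session.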
The firewall module manages firewall behaviour. The firewall module offers the ability to:
• Control what kind of Firewall activity is logged
• Protect the internal network using stateful firewall functionality
• Create policies
• Add validators to policies
• Add portfilters to policies
• Enable/disable and configure Intrusion Detection Settings (IDS)
In order to access firewall features, the firewall module must be enabled using the firewall enable command.
Figure 9 shows the entities involved in the firewall module and their relationships.