Avaya BCM50 Rls 6.0 Task Based Manual Download Page 6

IP Firewall 

6                                                                                 NN40011-045 Issue 1.2 BCM50 Rls 6.0 

attack, where an attacker tries to block valid users from accessing a resource 
or a server. 
 
Stateful filtering supports TCP, UDP, IP, and ICMP. Stateful filtering supports
the following applications: H.323, FTP, HTTP, POP3, Telnet, SMTP, DNS, DHCP,
TFTP, GOPHER, FINGER, NNTP, NetBIOS, POP2, RPC, SNMP and SUNNFS.

Denial of Service (DoS) Attacks 

Denial of Service (DoS) attacks are aimed at devices and networks with a
connection to the Internet. Their goal is not to steal information, but to
disable a device or network so users no longer have access to network
resources. The BCM50e/be Integrated Router is pre-configured to automatically
detect and thwart all known DoS attacks.

Default Configuration 

By default, the BCM50 Integrated Router firewall is configured to allow all
traffic originating from the LAN and deny all traffic originating from the WAN.
Any traffic responding to requests from the LAN to the WAN, e.g. HTTP traffic,
is allowed through the firewall and returned to the request originator.
 
The exception to WAN originating traffic is IKE requests. IKE (Internet Key
Exchange) is used to set up VPN (Virtual Private Network) connections.

Firewall Rules 

Rule Direction 

Rules can be configured for the direction of traffic in the following ways:

• LAN to WAN: This direction is designed to stop some or all users on the
  network from accessing some services on the Internet. For example, if
  certain users are less productive due to inappropriate usage of MSN
  Messenger, those users (essentially IP Addresses) can be blocked from
  using the MSN Messenger port (TCP port 1863).

• WAN to LAN: By default, all traffic except IKE requests is blocked from
  the WAN to the LAN. It is possible to allow certain traffic, e.g. Element
  Manager, from a specific or multiple users based on their WAN IP Address.

• LAN to LAN: By default there are no rules configured for this option.
  This allows computers on the LAN to manage the BCM50 Integrated Router
  and communicate between networks or subnets connected to the LAN
  interface.

• WAN to WAN: By default all packets are blocked for this option. This
  prevents computers on the WAN from using the BCM50 Integrated Router as a
  gateway to communicate with other computers on the WAN and/or managing
  the BCM50 Integrated Router.
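
The default behaviour and rule directions described above can be traced with a
small model. This is an added example, not Avaya code or the router's own
logic; the LAN subnet, the addresses, the rule format and the first-match rule
order are assumptions made for illustration.

```python
# Toy model of the default policy in the text; not the BCM50 firmware's logic.
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")   # assumed LAN subnet
IKE = ("udp", 500)                   # IKE uses UDP port 500
DEFAULT_ACTION = {                   # per-direction defaults from the text
    "LAN to WAN": "allow", "WAN to LAN": "deny",
    "LAN to LAN": "allow", "WAN to WAN": "deny",
}

def side(ip):
    return "LAN" if ip_address(ip) in LAN else "WAN"

class Firewall:
    def __init__(self, rules=()):
        self.rules = list(rules)   # (direction, src_ips, proto, dport, action)
        self.sessions = set()      # state table of allowed flows

    def check(self, src, sport, dst, dport, proto):
        # Stateful step: a reply to an allowed session goes back to the originator.
        if (dst, dport, src, sport, proto) in self.sessions:
            return "allow"
        d = f"{side(src)} to {side(dst)}"
        action = DEFAULT_ACTION[d]
        if d == "WAN to LAN" and (proto, dport) == IKE:
            action = "allow"       # the documented default exception
        for r_dir, r_src, r_proto, r_dport, r_action in self.rules:
            if r_dir == d and src in r_src and (r_proto, r_dport) == (proto, dport):
                action = r_action  # assumption: first matching rule wins
                break
        if action == "allow":
            self.sessions.add((src, sport, dst, dport, proto))
        return action

def demo():
    # Constructed rule: block one LAN host from MSN Messenger (TCP 1863).
    fw = Firewall([("LAN to WAN", {"192.168.1.50"}, "tcp", 1863, "deny")])
    web = "203.0.113.10"           # constructed WAN address (documentation range)
    return [
        fw.check("192.168.1.20", 40000, web, 80, "tcp"),    # LAN request
        fw.check(web, 80, "192.168.1.20", 40000, "tcp"),    # its reply
        fw.check(web, 80, "192.168.1.20", 40001, "tcp"),    # unsolicited WAN packet
        fw.check(web, 500, "192.168.1.1", 500, "udp"),      # IKE request
        fw.check("192.168.1.50", 40002, web, 1863, "tcp"),  # blocked user
        fw.check("192.168.1.20", 40003, web, 1863, "tcp"),  # any other user
    ]
```

Running demo() shows that a LAN to WAN deny rule scoped to one source address
leaves every other LAN host on the default allow, so a port block like the MSN
Messenger example has to list each address it is meant to cover.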

 
