CHAPTER 23. Firewall NAT
232
© SAMSUNG Electronics Co., Ltd.
Firewall also offers a rich set of features such as protection against
DOS(Denial Of Service) attacks, Network Address Translation(NAT), etc.
Firewall policies are created by CLI/GUI and stored in the Firewall Policy
Data Base and dynamically created associations are stored in the Association
Data Base.
Firewall and VPN are tightly coupled together. Some of the dynamic
associations created are shared by the two modules. So, it is not possible to
use VPN without using firewall. However, firewall can be used without VPN
enabled-VPN in pass-through mode.
Virtual Firewall
Virtual Firewalls completely break the one-device/one-policy-database
constraint. Instead, many discrete firewalls can be run on a single device with
the Virtual Firewall capability. A Virtual Firewall(VF) provides multiple
logical firewalls for multiple networks, on one system.
This is accomplished by establishing firewall ‘maps’, with each map having
its own user defined security policy. Each map has its own outbound and
inbound policies and configuration objects. Maps can be added or removed to
provide scalability with the growth of subscriber networks.
Virtual firewall feature can be used to provide separate firewall policies as
shown in the following diagram
1.
Internet(
internet
) for the untrusted network.
2.
Corporation(
corp
) for the corporate network.
3.
Demilitarized Zone(
dmz
)for the server accessibility from the untrusted
side-or other user-defined network.
4.
Managing access to the box.
Summary of Contents for Ubigate iBG3026
Page 1: ......
Page 16: ...INTRODUCTION XIV SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 32: ...TABLE OF CONTENTS XXX SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 34: ......
Page 64: ...CHAPTER 4 System Logging 30 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 72: ......
Page 94: ...CHAPTER 7 WAN Interfaces 58 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 110: ......
Page 156: ...CHAPTER 15 BGP 118 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 178: ...CHAPTER 17 VRRP 140 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 262: ......
Page 288: ...CHAPTER 23 Firewall NAT 248 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 346: ......
Page 706: ...CHAPTER 36 Management 664 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 718: ...EQBD 000026 Ed 00 ...