large number of clients connecting through the NetDefend Firewall and it is therefore
recommended to consider using a higher value in such circumstances.
ALG Changes From NetDefendOS Version 11.01 Onwards
From NetDefendOS version 11.01 onwards, many of the predefined ALG objects have been
removed from a new installation of NetDefendOS. Upgrading from an older NetDefendOS will
not change the predefined ALG objects and a new installation can manually recreate any missing
ALGs if required.
With NetDefendOS version 11.01 and later, it is possible to avoid using most ALG objects directly.
This is achieved by using
IP Policy
objects in place of
IP Rule
objects. From 11.01 onwards, most
predefined
Service
objects can be used directly with an IP policy and all of the properties
previously available in the
ALG
object will become properties of the
IP Policy
object.
The only ALGs that cannot be used with IP policies in any version of NetDefendOS are the
SIP
and
H323
ALGs.
This topic is also discussed in
6.2.2. The HTTP ALG
Overview
Hyper Text Transfer Protocol
(HTTP) is the primary protocol used to access the
World Wide Web
(WWW). It is a connectionless, stateless, application layer protocol based on a request/response
architecture. A client, such as a Web browser, sends a request by establishing a TCP/IP
connection to a known port (usually port 80) on a remote server. The server answers with a
response string, followed by a message of its own. That message might be, for example, an HTML
file to be shown in the Web browser or an ActiveX component to be executed on the client, or
perhaps an error message.
The HTTP protocol has particular issues associated with it because of the wide variety of web
sites that exist and because of the range of file types that can be downloaded using the protocol.
The Light Weight HTTP ALG Alternative
This section describes the standard HTTP ALG. In many situations the alternative Light Weight
HTTP ALG (LW-HTTP ALG) can be a better choice since it requires less hardware resources and
can provide higher traffic throughput. Some features, such as Anti-Virus scanning and stripping
static content, are not available with the LW-HTTP ALG.
For more information about the differences between the two ALGs, see Section 6.2.3, “The
Light Weight HTTP ALG”.
Note: The HTTP and LW-HTTP ALGs provide IPv6 Support
The HTTP ALG and LW-HTTP ALGs can be used with IP Rule objects that reference IPv6
addresses and networks. Similarly, IPv6 based IP Policy objects can also make use of the
features of these ALGs (the ALG object is hidden when using an IP Policy).
Chapter 6: Security Mechanisms
427
Содержание NetDefendOS
Страница 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Страница 32: ...Chapter 1 NetDefendOS Overview 32 ...
Страница 144: ...Chapter 2 Management and Maintenance 144 ...
Страница 220: ... Enable DHCP passthrough Enable L2 passthrough for non IP protocols 4 Click OK Chapter 3 Fundamentals 220 ...
Страница 267: ... SourceNetwork lannet DestinationInterface any DestinationNetwork all nets 4 Click OK Chapter 3 Fundamentals 267 ...
Страница 284: ...Chapter 3 Fundamentals 284 ...
Страница 360: ...The ospf command options are fully described in the separate NetDefendOS CLI Reference Guide Chapter 4 Routing 360 ...
Страница 392: ...Chapter 4 Routing 392 ...
Страница 396: ...Web Interface 1 Go to Network Ethernet If1 2 Select Enable DHCP 3 Click OK Chapter 5 DHCP Services 396 ...
Страница 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Страница 420: ...Chapter 5 DHCP Services 420 ...
Страница 424: ...2 Now enter Name lan_Access Action Expect Interface lan Network lannet 3 Click OK Chapter 6 Security Mechanisms 424 ...
Страница 573: ...Chapter 6 Security Mechanisms 573 ...
Страница 575: ...This section describes and provides examples of configuring NAT and SAT rules Chapter 7 Address Translation 575 ...
Страница 607: ...Chapter 7 Address Translation 607 ...
Страница 666: ...Chapter 8 User Authentication 666 ...
Страница 775: ...Chapter 9 VPN 775 ...
Страница 819: ...Chapter 10 Traffic Management 819 ...
Страница 842: ...Chapter 11 High Availability 842 ...
Страница 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Страница 879: ...Chapter 13 Advanced Settings 879 ...