Ubigate iBG2016 Configuration Guide/Ed.00
© SAMSUNG Electronics Co., Ltd.
237
y
Many-to-one reverse NAT(NAT record attached to in bound policy)
y
One-to-one reverse NAT(NAT record attached to in bound policy)
y
Many-to-many regular NAT(NAT record attached to out bound Policy)
Multiple policies can share single NAT address, provided NAT address is of
type many to one only.
Public ip addresses belonging to each map are maintained in one table. A map
cannot use public ip address assigned to another map.
Application Content Filtering
Firewall supports command level filtering for certain well known applications.
You can define application specific content filtering schemes by configuring
application objects. Firewall can perform selective content filtering for SMTP,
FTP, HTTP, and RPC Applications like disabling or enabling of individual
commands of the application.
Firewall has the necessary intelligence to parse the contents of these
applications and selectively filter out some commands. Some of these
commands might reveal unwanted information. For this purpose, firewall
maintains a database where such protocol commands can be configured and
this database will eventually be used when the actual datagram travels in the
network. This application control database maintains the above mentioned
protocol commands.
Every application control in the application control database can represent for
one of the above-mentioned applications. Each application control contains
the application protocol information such as, the IP protocol, the transport
protocol.
Along with this it maintains a set of application commands. These application
commands can depend on the protocol it represents. In case of SMTP & FTP
they are simple English commands, in case of RPC they are program numbers
and in case of HTTP it is file extensions. Along with this command,
application control also maintains the action that needs to be applied.
The actions are either ALLOW or DENY. This application control can be
attached to an access policy to enable application command filtering.
Содержание Ubigate iBG2016
Страница 1: ......
Страница 16: ...INTRODUCTION XIV SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 34: ......
Страница 42: ...CHAPTER 1 Basic Configuration 8 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 62: ...CHAPTER 4 System Logging 28 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 70: ......
Страница 108: ......
Страница 126: ...CHAPTER 1 Layer 2 Switching 90 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 140: ...CHAPTER 4 RIP 104 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 156: ...CHAPTER 6 BGP 120 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 176: ...CHAPTER 7 MultiCast Protocols 140 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 180: ...CHAPTER 8 VRRP 144 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 264: ...CHAPTER 10 QoS 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 270: ...CHAPTER 11 VLAN forwarding with QoS 234 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 272: ......
Страница 278: ...CHAPTER 1 Authentication Authorization Accounting 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 298: ...CHAPTER 3 Firewall NAT 248 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 356: ...CHAPTER 5 IPSEC 306 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 358: ......
Страница 390: ...CHAPTER 2 VoIP Gateway Management 336 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 514: ...CHAPTER 4 H 323 Gateway Management 460 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 670: ...CHAPTER 8 Routing and Digit Manipulation 616 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Страница 744: ...EQBD 000071 Ed 00 ...