Draytek Vigor 2700 User Manual page 56

Vigor 2700 series firewall router
Hide thumbs Also See for Vigor 2700:
Table of Contents

Advertisement

F
i
r
e
w
a
F
i
r
e
w
a
The users on the LAN are provided with secured protection by the following firewall facilities:
User-configurable IP filter (Call Filter/ Data Filter).
Stateful Packet Inspection (SPI): tracks packets and denies unsolicited incoming data
Selectable Denial of Service (DoS) /Distributed DoS (DDoS) attacks protection
URL Content Filter
I
P
F
i
l
t
e
I
P
F
i
l
t
Depending on whether there is an existing Internet connection, or in other words "the WAN
link status is up or down", the IP filter architecture categorizes traffic into two: Call Filter and
Data Filter.
Call Filter - When there is no existing Internet connection, Call Filter is applied to all
traffic, all of which should be outgoing. It will check packets according to the filter rules.
If legal, the packet will pass. Then the router shall "initiate a call" to build the Internet
connection and send the packet to Internet.
Data Filter - When there is an existing Internet connection, Data Filter is applied to
incoming and outgoing traffic. It will check packets according to the filter rules. If legal,
the packet will pass the router.
The following illustrations are flow charts explaining how router will treat incoming traffic
and outgoing traffic respectively.
50
l
l
F
a
c
i
l
i
t
i
e
s
l
l
F
a
c
i
l
i
t
i
e
s
r
s
e
r
s
Vigor2700 Series User's Guide

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents