Chapter 22 Content Filters – L7 Firewall - Planet Networking & Communication MH-5001 User Manual

Multi-homing UTM security gateway
22.1 Demands
Instant messaging (IM) and peer-to-peer (P2P) are the fastest growing communications media of all time. The proliferation of IM/P2P has created a network security threat and consumed a significant amount of bandwidth. The key factor in the popularity of these protocols is their ability to work across almost all practical firewall deployments. However, it is exactly this ability that has created the security threat, because these protocols can transfer information and files across the security infrastructure relatively unchecked. Therefore, your company needs a tool to manage those IM/P2P applications.
22.2 Objectives
As Figure 22-1 illustrates, the L7 Firewall is designed to manage IM/P2P/Remote Access applications. Whatever TCP protocol or proxy server (such as HTTP/SOCKS) an application uses in an attempt to deceive the administrator, the MH-5001 will recognize it.
22.3 Methods
The L7 firewall can be enabled by clicking the "Enable L7 Firewall" checkbox. When it is enabled, any IM/P2P sessions that have been set to block will be stopped. For example, if you choose to block MSN, any MSN request will be blocked, whether it runs over HTTP/SOCKS4/SOCKS5 with random ports or over the default well-known port 1863. For the traffic to be allowed, select "Allow" in the Action field. For applications that are restricted to going out via the well-known port, select "Allow only at port ( )" in the Action field. All traffic will be normalized to go out via the well-known port. If you do not want to manage a certain application, select "--------------" to tell the MH-5001 to skip it. That helps the MH-5001 keep its good performance.
This chapter introduces Layer 7 Application Layer Firewall and explains how to implement it.
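The Action field choices from section 22.3 can be modelled as a small policy evaluator; this is an added example, not code from the MH-5001 or from Planet. It assumes that "Allow only at port" stops sessions of that application that are not sent directly to the well-known port, and the names `Rule`, `Session`, `decide`, `ExampleP2P` and `ExampleRemote` are hypothetical.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Action field choices named in section 22.3.
BLOCK = "Block"
ALLOW = "Allow"
ALLOW_ONLY_AT_PORT = "Allow only at port"
SKIP = "--------------"


@dataclass(frozen=True)
class Rule:
    action: str
    well_known_port: Optional[int] = None  # used by ALLOW_ONLY_AT_PORT only


@dataclass(frozen=True)
class Session:
    app: str       # application recognized from the payload, not the port
    carrier: str   # "direct", "HTTP", "SOCKS4" or "SOCKS5"
    dst_port: int


def decide(s: Session, policy: Dict[str, Rule], enabled: bool = True) -> Tuple[str, str]:
    """Return (verdict, reason) for one recognized session."""
    if not enabled:
        return "pass", "L7 firewall not enabled"
    rule = policy.get(s.app)
    if rule is None or rule.action == SKIP:
        return "pass", "application not managed"
    if rule.action == BLOCK:
        return "drop", f"{s.app} blocked on any port or proxy"
    if rule.action == ALLOW:
        return "pass", f"{s.app} allowed"
    if rule.action == ALLOW_ONLY_AT_PORT:
        # Assumption: anything not sent directly to the well-known port is stopped.
        if s.carrier == "direct" and s.dst_port == rule.well_known_port:
            return "pass", f"{s.app} on well-known port {rule.well_known_port}"
        return "drop", f"{s.app} outside well-known port {rule.well_known_port}"
    raise ValueError(f"unknown action {rule.action!r}")


# Constructed policy and sessions; only MSN and port 1863 come from the manual.
POLICY = {"MSN": Rule(ALLOW_ONLY_AT_PORT, 1863), "ExampleP2P": Rule(BLOCK),
          "ExampleRemote": Rule(SKIP)}
SESSIONS = [Session("MSN", "direct", 1863), Session("MSN", "HTTP", 80),
            Session("MSN", "SOCKS5", 1080), Session("MSN", "direct", 40211),
            Session("ExampleP2P", "direct", 51413), Session("ExampleRemote", "direct", 3389)]

if __name__ == "__main__":
    for s in SESSIONS:
        print(s, "->", *decide(s, POLICY))
```

Running the same constructed sessions against a proposed policy before applying it shows which tunnelled or off-port sessions would be stopped and which applications are left unmanaged.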
[Figure 22-1 IM Management design principle. Flowchart labels: Packets in, L7 Firewall, Allow traffic? (Yes/No), Normalized port? (Yes/No), Block.]