Table of Contents
Advertisement
iPBX30 User Manual
2.3.2 Firewall Features
The firewall as implemented in iPBX30 provides the following
features to protect your network from being attacked and to prevent
your network from being used as the springboard for attacks.
• Stateful Packet Inspection
• Packet Filtering (ACL)
• Defense against Denial of Service Attacks
• Log
2.3.2.1 Stateful Packet Inspection
The iPBX30 Firewall uses "stateful packet inspection" that extracts
state-related information required for the security decision from the
packet and maintains this information for evaluating subsequent
connection attempts. It has awareness of application and creates
dynamic sessions that allow dynamic connections so that no ports
need to be opened other than the required ones. This provides
a solution which is highly secure and that offers scalability and
extensibility.
2.3.2.2 Packet Filtering – ACL (Access Control List)
ACL rule is one of the basic building blocks for network security.
Firewall monitors each individual packet, decodes the header
information of inbound and outbound traffic and then either
blocks the packet from passing or allows it to pass based on the
contents of the source address, destination address, source port,
destination port, and protocol defined in the ACL rules. ACL is a
very appropriate measure for providing isolation of one subnet from
another. It can be used as the first line of defense in the network
to block inbound packets of specific types from ever reaching the
protected network.
The iPBX30 Firewall's ACL methodology supports:
• Filtering based on destination and source IP address, port
number and protocol
• Use of the wild card for composing filter rules
• Filter Rule priorities
Chapter 2
5
Advertisement
Table of Contents
