Table of Contents
Advertisement
4.3.3 Advanced Firewall Settings
Advanced firewall settings are used to supplement the firewall rules, providing extra security enhancement against
DHCP and ARP traffics traversing the available interfaces of system.
♦ Trust Interface: Each interface can be checked individually to mark as trusted interfaces; security
enforcements on DHCP/ARP like DHCP snooping and ARP inspection will be carried out on non-trusted
interfaces.
♦ DHCP Snooping: When enabled, DHCP packets will be validated against possible threats like DHCP
starvation attack; in addition, the trusted DHCP server (IP/MAC) can be specified to prevent rogue DHCP
server.
♦ ARP Inspection: When enabled, ARP packets will be validated against ARP spoofing. Trust List
Broadcast can be enabled to let other NP727 (with L2 firewall feature) learn the trusted MAC/IP pairs to
issue ARP requests. Static Trust List can be used to add MAC or MAC/IP pairs to issue ARP request.
Other network nodes can still send their ARP requests; however, if their IP appears in the static list (with
different MAC), their ARP requests will be dropped to prevent eavesdropping.
If any settings are made, please click SAVE to save the configuration before leaving this page.
NP727 User's Manual V1.00
Advanced Firewall Settings
Advertisement
Table of Contents
Need help?
Do you have a question about the INFRASTRUCTURE SERIES and is the answer not in the manual?