Firewall Overview; Function Overview - Zte ZXR10 8900 Series User Manual

1
C h a p t e r

Firewall Overview

Table of Contents:

Function Overview .............................................................. 1

Management Modes ............................................................ 5
Function Overview
ZXR10 8900 Series Switch firewall (FW) service card has the fol-
lowing basic functions:
� Supporting routing and hybrid working modes;
�
Supporting object-based network access control, including ac-
cess control of network layer, application layer and other lay-
ers;
� Supporting NAT
�
Supporting built-in IDS module, which prevents Land, Smurf,
TearOfDrop, Ping of Death, SynFlood, Targa3, IpSweep and
another few attacks and has the function of anti-DOS/DDOS.
� Supporting hot standby between FW cards;
�
Supporting FTP, TFTP, MMS, H.323, SIP, RSTP, SQLNET, and
PPTP protocols.
ZXR10 8900 Series Switch FW has the following features:
� Adopting the design of multi-interfaces, providing sound net-
work application scalability.
� Providing high-efficiency application layer access control.
Proxy technology is used for traditional access control on
application layer. System needs to switch among core layer,
application layer and processes frequently, which consumes a
lot system resources and influences performance.
� Showing flexible management. Network administrator can ac-
cess FW through various interfaces for central management.
� Using a brand new management port protocol. With this pro-
tocol, multiple management services can be enabled on the
unique service interface of FW.
� Providing high-performance content filtering.
system provides restore and security inspection to transmit-
ted packets and implements high-performance content secu-
rity protocol.
Confidential and Proprietary Information of ZTE CORPORATION
of multiple types of network addresses;
Core layer of
1