Chapter 2. Getting to Know the OfficeConnect Gigabit VPN Firewall OfficeConnect VPN Firewall User’s Manual
2.4.1.5 Application Level Gateway (ALG)
Applications such as FTP and games open connections dynamically, based on
application-specific parameters. To pass through the firewall on the
OfficeConnect Gigabit VPN Firewall, packets belonging to an application require
a corresponding allow rule. In the absence of such a rule, the packets are
dropped by the OfficeConnect Gigabit VPN Firewall. Because it is not feasible to
create policies for numerous applications dynamically and, at the same time,
avoid compromising security, intelligence in the form of Application Level
Gateways (ALGs) is built in to parse packets for applications and open dynamic
associations.
The OfficeConnect Gigabit VPN Firewall provides a number of ALGs for popular
applications such as FTP, H.323, RTSP, SIP, etc.
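The dynamic-association idea described above, sketched for FTP as an added example (not code from this manual or from the device firmware). It assumes no NAT between client and server; the function names, the rule of refusing ports below 1024 and all addresses are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional, Tuple

# RFC 959 host-port: h1,h2,h3,h4,p1,p2 (six decimal byte values)
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

class Pinhole(NamedTuple):
    """Temporary allow rule for one expected FTP data connection."""
    initiator: str  # host allowed to open the data connection
    listener: str   # host that announced it is listening
    port: int       # TCP port announced on the control channel

def parse_hostport(line: str) -> Optional[Tuple[str, int]]:
    """Return (ip, port) from a PORT command or a 227 reply, else None."""
    if line[:4].upper() not in ("PORT", "227 "):
        return None
    m = _HOSTPORT.search(line[4:])
    if m is None:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def alg_inspect(client: str, server: str, sender: str, line: str) -> Optional[Pinhole]:
    """Return the pinhole to open for one control-channel line, or None."""
    parsed = parse_hostport(line)
    if parsed is None:
        return None              # not a data-channel announcement
    ip, port = parsed
    active = line[:4].upper() == "PORT"
    if sender != (client if active else server):
        return None              # PORT must come from client, 227 from server
    if ip != sender:
        return None              # announced address is a third host: refuse
    if port < 1024:
        return None              # example policy: never open well-known ports
    return Pinhole(server if active else client, sender, port)

if __name__ == "__main__":
    # Constructed control-channel lines; addresses are documentation ranges.
    c, s = "192.0.2.10", "198.51.100.5"
    for sender, line in [(c, "USER anonymous"),
                         (c, "PORT 192,0,2,10,195,80"),
                         (s, "227 Entering Passive Mode (198,51,100,5,4,1)"),
                         (c, "PORT 203,0,113,7,195,80")]:
        print(f"{line!r:50} -> {alg_inspect(c, s, sender, line)}")
```

The pinhole is scoped to a single initiator, listener and port, which is what lets the static policy stay closed while the data connection still passes.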
2.4.1.6 Local Content Filtering
A set of keywords that should not appear in a URL (Uniform Resource Locator,
e.g. www.yahoo.com) can be defined. Any URL containing one or more of these
keywords is blocked. This feature is policy-independent, i.e. it cannot be
associated with ACL rules. It can be enabled or disabled independently,
but works only if the firewall is enabled.
2.4.1.7 Log and Alerts
Events in the network that could be attempts to affect its security are recorded
in the OfficeConnect Gigabit VPN Firewall System log file. Event details are
recorded in WELF (WebTrends Enhanced Log Format) so that statistical
tools can be used to generate custom reports. The OfficeConnect Gigabit VPN
Firewall can also forward Syslog information to a Syslog server on a private
network.
The OfficeConnect Gigabit VPN Firewall supports:
• Alerts sent to the administrator via e-mail.
• Log details that include, at a minimum, the time of packet arrival, a
description of the action taken by the firewall and the reason for the action.
• The UNIX Syslog format.
• Log report e-mails sent as scheduled by the network administrator or, by
default, when the log file is full.
• All messages sent in the WELF format.
• ICMP logging that shows code and type.
2.4.2 VPN
The introduction of broadband Internet access at an affordable price has
attracted a large number of users to use the Internet for business. Large-scale
use of a very open public network such as the Internet comes with many
advantages and associated risks. These risks include a lack of confidentiality
for the data being sent and a lack of authenticity for the identities of the
parties involved in the exchange of data. The VPN supported in the OfficeConnect
Gigabit VPN Firewall is intended to resolve these issues at an affordable price.
The VPN supported by the OfficeConnect Gigabit VPN Firewall is IPSec-compliant.
Packets sent via VPN are encrypted to maintain privacy. The
encrypted packets are then tunneled through a public network. As a result,
tunnel participants enjoy, at a reduced cost, the same security features and
facilities that are otherwise available only to members of private networks.
The following table lists the VPN features supported by the OfficeConnect
Gigabit VPN Firewall:
Table 2.4 VPN Features of the OfficeConnect Gigabit VPN Firewall