home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Chip 2005 March
/
CMCD0305.ISO
/
Software
/
Shareware
/
Comunicatii
/
ntkernelfw
/
ntkernelfw_trial.exe
/
{app}
/
SIFrwlSnapIn.dll
/
1049
/
HTML
/
273
next >
Wrap
Text File
|
2004-11-20
|
4KB
|
53 lines
<body bgcolor="#FFFFFF">
<p class="MsoNormal"><font face="Tahoma" size="2">
<img border="0" src="res://sifrwlsnapin.dll/#2/#275" width="143" height="32"></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><b><span lang="EN-US">NeT
Firewall as Gateway/Internet Server Firewall: </span></b></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2">
<span lang="EN-US" style="color: black"> NeT Firewall is very
inexpensive (several times cheaper than other server firewalls) and easy to
install and use server firewall solution. It </span><span lang="EN-US">operates
at a (relatively low) level below the TCP/IP protocol stack as IP-packet
filters, not allowing packets to pass the firewall unless they meet the rules
defined by the firewall administrator. <span style="color:black">NeT Firewall
also monitors the state of each connection and compiles the information in a
state table ensuring that the source and destination of each packet is valid, so
it is a full featured stateful firewall solution.</span></span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><i>
<span lang="EN-US" style="color: black">ô</span><span lang="EN-US">A
<strong>stateful firewall</strong> significantly improves on the security
ability of a packet filter because it is able to hold in memory, significant
attributes of each connection. It's called "stateful" because it keeps
information about the state of each connection from start to finish and performs
most CPU intensive checking at the time of setup of the connection. All packets
after that (for that session) are processed rapidly because it is simple and
fast to determine whether it belongs to an existing, pre-screened session. Once
the session has ended, its entry in the state-table is disguarded</span></i><span lang="EN-US">.<span style="color: black">ö
<i>(<b>BambooWeb Dictionary at www.bambooweb.com</b>)</i></span></span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2">
<span lang="EN-US" style="color: black"> </span><span lang="EN-US">
NeT Firewall controls inbound and outbound network traffic. By controlling
network traffic, the server is protected from attacks through unused network
ports or accessible server applications. NeT Firewall offers rich and flexible
filtering options to define the elaborate network traffic policies required in
corporate server environments.</span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><span lang="EN-US">
The integrated Port/Protocol Mapping services besides other things allow
creating such things like server cluster. The sample configuration is just like
below:</span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><span lang="EN-US"> <img border="0" src="res://sifrwlsnapin.dll/#2/#272" width="488" height="260"></span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><span lang="EN-US">
Here we have 4 systems, first run NeT Firewall and directly connected to the
Internet, second run some online game server (Ultima Online shard, Quake 3 Arena
or etc.), third is WWW server and fourth is a mail server. Net Firewall is
configured to map HTTP and HTTPS ports to 10.0.0.3, online game ports to
10.0.0.2 and SMTP/POP3/IMAP ports to 10.0.0.4. For the Internet users it looks
like a single system at IP address 195.210.128.5 (just a random address)
providing WWW, game and mail services. Similar configurations can be useful if
you have single IP address from the Internet realm and want to offload some
services you run to other systems.</span></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><i>
<span lang="EN-US" style="color: black"> </span></i></font></p>
<p class="MsoNormal"><font face="Tahoma" size="2"><b><span lang="EN-US"> </span></b></font></p>
<p class="MsoNormal"> </p>
</body>
