Ubigate iBG2016 Configuration Guide/Ed.00
© SAMSUNG Electronics Co., Ltd.
237
y
Many-to-one reverse NAT(NAT record attached to in bound policy)
y
One-to-one reverse NAT(NAT record attached to in bound policy)
y
Many-to-many regular NAT(NAT record attached to out bound Policy)
Multiple policies can share single NAT address, provided NAT address is of
type many to one only.
Public ip addresses belonging to each map are maintained in one table. A map
cannot use public ip address assigned to another map.
Application Content Filtering
Firewall supports command level filtering for certain well known applications.
You can define application specific content filtering schemes by configuring
application objects. Firewall can perform selective content filtering for SMTP,
FTP, HTTP, and RPC Applications like disabling or enabling of individual
commands of the application.
Firewall has the necessary intelligence to parse the contents of these
applications and selectively filter out some commands. Some of these
commands might reveal unwanted information. For this purpose, firewall
maintains a database where such protocol commands can be configured and
this database will eventually be used when the actual datagram travels in the
network. This application control database maintains the above mentioned
protocol commands.
Every application control in the application control database can represent for
one of the above-mentioned applications. Each application control contains
the application protocol information such as, the IP protocol, the transport
protocol.
Along with this it maintains a set of application commands. These application
commands can depend on the protocol it represents. In case of SMTP & FTP
they are simple English commands, in case of RPC they are program numbers
and in case of HTTP it is file extensions. Along with this command,
application control also maintains the action that needs to be applied.
The actions are either ALLOW or DENY. This application control can be
attached to an access policy to enable application command filtering.
Summary of Contents for Ubigate iBG2016
Page 1: ......
Page 16: ...INTRODUCTION XIV SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 34: ......
Page 62: ...CHAPTER 4 System Logging 28 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 70: ......
Page 108: ......
Page 140: ...CHAPTER 4 RIP 104 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 156: ...CHAPTER 6 BGP 120 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 180: ...CHAPTER 8 VRRP 144 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 264: ...CHAPTER 10 QoS 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 272: ......
Page 298: ...CHAPTER 3 Firewall NAT 248 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 356: ...CHAPTER 5 IPSEC 306 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...
Page 358: ......
Page 744: ...EQBD 000071 Ed 00 ...