SINAUT MD741-1
C79000-G8976-C236-04
6 Security functions
6.1 Firewall rules
The SINAUT MD741-1 contains a stateful inspection firewall.
A stateful inspection firewall is a packet filtering method. A packet filter only lets IP
packets through if a firewall rule permitting them has been defined beforehand. The
firewall rules define the following:
● which protocol (TCP, UDP, ICMP) may pass,
● the permitted source of the IP packets (From IP / From port),
● the permitted destination of the IP packets (To IP / To port).
The rules also define what is done with IP packets that are not allowed
through (discard or reject).
For a simple packet filter it is always necessary to create two firewall rules for a
connection:
● one rule for the query direction from the source to the destination, and
● a second rule for the response direction from the destination to the source.
This is different for a SINAUT MD741-1 with its stateful inspection firewall. Here a
firewall rule is created only for the query direction from the source to the
destination. The rule for the response direction from the destination to the source
is derived by analysing the data that was previously sent. This response rule is
closed again once the responses have been received or after a short time period
has elapsed. Responses can therefore only pass if a matching query preceded
them, which means the response rule cannot be exploited for unauthorised access.
In addition, special procedures also allow UDP and ICMP data through even
though this data was not requested beforehand.
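As an added illustration that is not part of the Siemens manual, the following Python model contrasts the simple packet filter (two rules per connection) with the stateful behaviour described above: an accepted query opens a temporary entry for the mirrored response, and that entry is closed again when the response arrives or when a timeout expires. The IP addresses, the port 502 and the 30-second timeout are constructed sample values, and closing the entry after a single response is a simplification of what a real connection tracker does.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Rule:
    # None for a port means "any port"; action is applied to packets matching the rule
    proto: str
    from_ip: str
    from_port: Optional[int]
    to_ip: str
    to_port: Optional[int]
    action: str = "accept"


def packet(proto, src, sport, dst, dport):
    """A constructed 5-tuple standing in for one IP packet."""
    return (proto, src, sport, dst, dport)


@dataclass
class PacketFilter:
    rules: list
    stateful: bool = True         # False models the simple packet filter needing two rules
    default_action: str = "drop"  # fate of packets no rule allows (drop or reject)
    timeout: float = 30.0         # seconds a response entry stays open (constructed value)
    state: dict = field(default_factory=dict)  # open query -> expiry time

    def _rule_matches(self, r, pkt):
        proto, src, sport, dst, dport = pkt
        return (r.proto == proto and r.from_ip == src and r.to_ip == dst
                and r.from_port in (None, sport) and r.to_port in (None, dport))

    def filter(self, pkt, now):
        proto, src, sport, dst, dport = pkt
        if self.stateful:
            # A response is the mirror image of a query that was accepted earlier.
            # The entry is removed when used or found expired, so it cannot be reused.
            reverse = (proto, dst, dport, src, sport)
            expires = self.state.pop(reverse, None)
            if expires is not None and now < expires:
                return "accept"
        # Query direction: only explicitly configured rules decide.
        for r in self.rules:
            if self._rule_matches(r, pkt):
                if r.action == "accept" and self.stateful:
                    self.state[pkt] = now + self.timeout  # open the response entry
                return r.action
        return self.default_action
```

A stateful filter with a single query-direction rule drops an unsolicited "response", accepts the query, accepts exactly one response inside the timeout and drops anything after that; the same rule on a stateless filter never admits the response until a second, reverse rule is added.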