Page 61 / 91 Scroll up to view Page 56 - 60
Schedule Rule
You may filter Internet access for local clients based on rules.
Each access control rule may be activated at a scheduled time. Define the schedule on the
Schedule Rule page, and apply the rule on the Access Control page.
Click Add Schedule Rule.
Edit Schedule Rule
You can create and edit schedule rules on this page.
61
Page 62 / 91
Define the appropriate settings for a schedule rule (as shown on the following screen). The rule in
the screen shot above prohibits emailing from 3.00pm to 11.59pm from Monday to Thursday.
Upon completion, click “OK” to save your schedule rules.
Intrusion Detection
The Belgacom b-box’s firewall inspects packets at the application layer, maintains TCP and
UDP session information including timeouts and number of active sessions, and provides
the ability to detect and prevent certain types of network attacks such as Denial-of-Service
(DoS) attacks.
62
Page 63 / 91
Network attacks that deny access to a network device are called DoS attacks. DoS attacks are
aimed at devices and networks with a connection to the Internet. Their goal is not to steal
information, but to disable a device or network so users no longer have access to network
resources.
The Belgacom b-box protects against DoS attacks including: Ping of Death (Ping flood) attack,
SYN flood attack, IP fragment attack (Teardrop Attack), Brute-force attack, Land Attack, IP
Spoofing attack, IP with zero length, TCP null scan (Port Scan Attack), UDP port loopback, Snork
Attack.
Note:
The firewall does not significantly affect system performance, so
we advise enabling the prevention features to protect your
network.
Parameter
Defaults
Description
Enable SPI
and
Yes
The Intrusion Detection feature of
the Telephony
Anti-DoS
firewall
protection
Router limits the access of
incoming traffic at the WAN port.
When the Stateful Packet
Inspection (SPI) feature is turned
on, all incoming packets are
blocked except those types marked
with a check in the Stateful Packet
Inspection section at the top of the
screen.
Stateful
Packet
Inspection
This option allows you to select
different application types that are
using dynamic port numbers. If you
wish to use Stateful Packet
Inspection (SPI) for blocking
packets, click on the Yes radio
button in the “Enable SPI and Anti-
DoS
firewall protection” field and then
check the inspection type that you
need, such as Packet
Fragmentation, TCP Connection,
UDP Session, FTP Service, H.323
Service, and TFTP Service.
It is called a “stateful” packet
inspection because it examines the
contents of the packet to determine
the state of the communication; i.e.,
it ensures that
63
Page 64 / 91
the stated destination computer has
previously requested the current
communication. This is a way of
ensuring that all communications
are initiated by the recipient
computer and are taking place only
with sources that are known and
trusted from previous interactions.
In addition to being more rigorous
in their inspection of packets,
stateful inspection firewalls also
close off ports until a connection to
the specific port is requested.
When particular types of traffic are
checked, only the particular type of
traffic initiated from the internal LAN
will be allowed. For example, if the
user only checks FTP Service in
the Stateful Packet Inspection
section, all incoming traffic will be
blocked except for FTP connections
initiated from the local LAN.
Hacker Prevention
Feature
Discard Ping
from WAN
Discard
Prevents a ping on the router’s
WAN port from being routed to the
network.
Parameter
Defaults
Description
RIP Defect
Enabled
If the router does not reply to an
IPX RIP request
packet, it will stay in the input
queue and not be
released. Accumulated packets
could cause the
input queue to fill, causing severe
problems for all
protocols. Enabling this feature
prevents the
packets accumulating.
When
hackers
attempt to
enter your
network, we
can alert
youby email
Your E-mail
Address
Enter your email address.
SMTP
Server
Address
Enter your SMTP server address
(usually the part of the email
address following the “@” sign).
64
Page 65 / 91
POP3
Server
Address
Enter your POP3 server address
(usually the part of the email
address following the “@” sign).
User Name
Enter your email account user
name.
Password
Enter your email account password.
Connection Policy
Fragmentation 10 secs Configures the number of seconds that a packet
half-open wait
state structure remains active. When the timeout value expires, the
router drops the unassembled packet, freeing that structure for use by
another packet.
TCP SYN wait 30 secs Defines how long the software will wait for a TCP session to reach an
established state before dropping the session.
TCP FIN wait 5 secs
Specifies how long a TCP session will be managed after the firewall
detects a FIN-exchange.
TCP connection 3600 secs The length of time for which a TCP session will be
idle timeout (1 hour) managed if there is no activity.
UDP session idle 30 secs The length of time for which a UDP session will
timeout be managed if there is no activity.
H.323 data 180 secs The length of time for which an H.323 session will
channel idle be managed if there is no activity.
timeout
Parameter Defaults Description
DoS Detect Criteria
Total incomplete 300 Defines the rate of new unestablished sessions that TCP/UDP sessions
will cause the software to
start
deleting half-open sessions HIGH sessions.
Total incomplete 250 Defines the rate of new unestablished sessions that TCP/UDP sessions
will cause the software to
stop
deleting half-open sessions LOW sessions.
Incomplete 250 Maximum number of allowed incomplete
TCP/UDP sessions TCP/UDP sessions per minute.
sessions (per min.)
HIGH
Incomplete 200 Minimum number of allowed incomplete
TCP/UDP sessions TCP/UDP sessions per minute.
sessions (per min.)
LOW
Maximum 10 Maximum number of incomplete TCP/UDP
incomplete sessions from the same host.
TCP/UDP
sessions number
from same host
Incomplete 300 msecs Length of time before an incomplete TCP/UDP
TCP/UDP session is detected as incomplete.
sessions detect
65

Rate

4 / 5 based on 1 vote.

Popular Belgacom Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top