Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual DRAYTEK VIGOR 2710N. We hope that this DRAYTEK VIGOR 2710N user guide will be useful to you.
Lastmanuals help download the user guide DRAYTEK VIGOR 2710N.
Manual abstract: user guide DRAYTEK VIGOR 2710NVERSION 2.1
Detailed instructions for use are in the User's Guide.
[. . . ] i
Vigor2710 Series User's Guide
Vigor2710 Series User's Guide
ii
Vigor2710 Series ADSL2/2+ Firewall Router User's Guide
Version: 2. 0 Date: 21/07/2009
iii
Vigor2710 Series User's Guide
Copyright Information
Copyright Declarations Copyright 2009 All rights reserved. This publication contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language without written permission from the copyright holders. The following trademarks are used in this document: Microsoft is a registered trademark of Microsoft Corp. [. . . ] Specify the starting port number of the service offered by the local host. Specify the ending port number of the service offered by the local host.
Protocol Start Port End Port
Vigor2710 Series User's Guide
120
4. 4 Firewall
4. 4. 1 Basics for Firewall
While the broadband users demand more bandwidth for multimedia, interactive applications, or distance learning, security has been always the most concerned. The firewall of the Vigor router helps to protect your local network against attack from unauthorized outsiders. It also restricts users in the local network from accessing the Internet. Furthermore, it can filter out specific packets that trigger the router to build an unwanted outgoing connection.
Firewall Facilities
The users on the LAN are provided with secured protection by the following firewall facilities: User-configurable IP filter (Call Filter/ Data Filter). Stateful Packet Inspection (SPI): tracks packets and denies unsolicited incoming data Selectable Denial of Service (DoS) /Distributed DoS (DDoS) attacks protection
IP Filters
Depending on whether there is an existing Internet connection, or in other words "the WAN link status is up or down", the IP filter architecture categorizes traffic into two: Call Filter and Data Filter. Call Filter - When there is no existing Internet connection, Call Filter is applied to all traffic, all of which should be outgoing. It will check packets according to the filter rules. Then the router shall "initiate a call" to build the Internet connection and send the packet to Internet. Data Filter - When there is an existing Internet connection, Data Filter is applied to incoming and outgoing traffic. It will check packets according to the filter rules. If legal, the packet will pass the router. The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic respectively.
121
Vigor2710 Series User's Guide
Stateful Packet Inspection (SPI)
Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy static packet filtering, which examines a packet based on the information in its header, stateful inspection builds up a state machine to track each connection traversing all interfaces of the firewall and makes sure they are valid. The stateful firewall of Vigor router not just examine the header information also monitor the state of the connection.
Denial of Service (DoS) Defense
The DoS Defense functionality helps you to detect and mitigate the DoS attack. The attacks are usually categorized into two types, the flooding-type attacks and the vulnerability attacks. The flooding-type attacks will attempt to exhaust all your system's resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system. The DoS Defense function enables the Vigor router to inspect every incoming packet based on the attack signature database. Any malicious packet that might duplicate itself to paralyze the host in the secure LAN will be strictly blocked and a Syslog message will be sent as warning, if you set up Syslog server. Also the Vigor router monitors the traffic. Any abnormal traffic flow violating the pre-defined parameter, such as the number of thresholds, is identified as an attack and the Vigor router will activate its defense mechanism to mitigate in a real-time manner. The below shows the attack types that DoS/DDoS defense function can detect:
1. [. . . ] (Please refer to the section 4. 2) Please follow the steps below to ping the router correctly.
For Windows
1. Open the Command Prompt window (from Start menu> Run). Type command (for Windows 95/98/ME) or cmd (for Windows NT/ 2000/XP/Vista). The DOS command dialog will appear.
3. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE DRAYTEK VIGOR 2710N
Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service.
Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual DRAYTEK VIGOR 2710N will begin.