Install guide
46 Firewall Enhancements Release Note
Software Version 2.7.6
C613-10462-00 REV A
Firewall Enhancements
Software Version 2.7.6 includes the following enhancements to the firewall:
■ Session Monitoring
■ Enhanced Network Address and Port Translation (ENAPT)
This section describes each enhancement, and then describes the new and
modified commands in Command Reference Updates.
Session Monitoring
Firewall session monitoring enables the firewall to copy all traffic that goes to
and from specified IP addresses and send the copies to a packet capturing
device. You can choose whether to copy packets before or after the firewall has
processed them, or both. Session monitoring is useful:
■ as an advanced diagnostic tool to check firewall configuration. By
capturing packets on both the public and private sides of the firewall, you
can compare packets before and after firewall processing. This enables you
to check the effect of features such as NAT.
■ if you need to monitor the traffic that passes through the firewall to or from
certain hosts.
The following figure demonstrates monitoring of traffic to and from a single
host on a LAN.
Monitoring only copies packets that pass through the firewall. It does not copy
packets that the firewall blocks.
[Figure: monitoring traffic to and from a single host on a LAN. Labels: Internet, Firewall, L2 switch, Packet capturing device, Monitored device, LAN.]
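The diagnostic use described above, comparing copies taken before and after firewall processing to see what NAT changed, can be done offline on the capturing device. The following is an added example, not part of the release note or the product: the `Pkt` record, the function names, and the sample addresses are assumptions constructed for illustration, and packets are paired on IP ID plus payload on the assumption that the firewall leaves both unchanged.

```python
from collections import namedtuple

# One captured packet, reduced to the fields NAT may rewrite plus two it should not.
Pkt = namedtuple("Pkt", "proto src sport dst dport ip_id payload")

def match_key(p):
    # Assumption: IP ID and payload survive firewall processing, so they identify
    # the same packet on both sides even when addresses and ports are rewritten.
    return (p.proto, p.ip_id, p.payload)

def compare_captures(before, after):
    """Pair pre- and post-firewall copies; return (translations, unmatched_before, unmatched_after)."""
    after_by_key = {}
    for p in after:
        after_by_key.setdefault(match_key(p), []).append(p)
    translations, unmatched_before = {}, []
    for b in before:
        candidates = after_by_key.get(match_key(b))
        if not candidates:
            # Monitoring copies only packets the firewall passes, so a leftover
            # here points to capture loss or a broken matching assumption.
            unmatched_before.append(b)
            continue
        a = candidates.pop(0)
        for field, old, new in (
                ("src", (b.src, b.sport), (a.src, a.sport)),
                ("dst", (b.dst, b.dport), (a.dst, a.dport))):
            if old != new:
                translations.setdefault((field, old), set()).add(new)
    unmatched_after = [p for ps in after_by_key.values() for p in ps]
    return translations, unmatched_before, unmatched_after

def inconsistent(translations):
    # One endpoint rewritten to several different endpoints is worth checking
    # against the configured NAT rule.
    return {k: v for k, v in translations.items() if len(v) > 1}

# Constructed sample: host 192.168.1.10 behind public address 198.51.100.1.
BEFORE = [
    Pkt("tcp", "192.168.1.10", 40000, "203.0.113.5", 80, 1001, b"GET / HTTP/1.1"),
    Pkt("tcp", "203.0.113.5", 80, "198.51.100.1", 50001, 7001, b"HTTP/1.1 200 OK"),
]
AFTER = [
    Pkt("tcp", "198.51.100.1", 50001, "203.0.113.5", 80, 1001, b"GET / HTTP/1.1"),
    Pkt("tcp", "203.0.113.5", 80, "192.168.1.10", 40000, 7001, b"HTTP/1.1 200 OK"),
]

if __name__ == "__main__":
    print(compare_captures(BEFORE, AFTER))
```

In the sample, the outbound packet shows a source translation and the reply shows the matching destination translation in reverse, which is the pattern to expect from address and port translation on a single session.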