Operation Manual
Vigor120 Series User’s Guide
38
S
S
t
t
a
a
t
t
e
e
f
f
u
u
l
l
P
P
a
a
c
c
k
k
e
e
t
t
I
I
n
n
s
s
p
p
e
e
c
c
t
t
i
i
o
o
n
n
(
(
S
S
P
P
I
I
)
)
Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy
static packet filtering, which examines a packet based on the information in its header,
stateful inspection builds up a state machine to track each connection traversing all interfaces
of the firewall and makes sure they are valid. The stateful firewall of Vigor modem not just
examine the header information also monitor the state of the connection.
U
U
R
R
L
L
C
C
o
o
n
n
t
t
e
e
n
n
t
t
F
F
i
i
l
l
t
t
e
e
r
r
To provide an appropriate cyberspace to users, Vigor modem equips with URL Content
Filter not only to limit illegal traffic from/to the inappropriate web sites but also prohibit
other web feature where malicious code may conceal.
Once a user type in or click on an URL with objectionable keywords, URL keyword blocking
facility will decline the HTTP request to that web page thus can limit user’s access to the
website. You may imagine URL Content Filter as a well-trained convenience-store clerk
who won’t sell adult magazines to teenagers. At office, URL Content Filter can also provide
a job-related only environment hence to increase the employee work efficiency. How can
URL Content Filter work better than traditional firewall in the field of filtering? Because it
checks the URL strings or some of HTTP data hiding in the payload of TCP packets while
legacy firewall inspects packets based on the fields of TCP/IP headers only.
On the other hand, Vigor modem can prevent user from accidentally downloading malicious
codes from web pages. It’s very common that malicious codes conceal in the executable
objects, such as ActiveX, Java Applet, compressed files, and other executable files. Once
downloading these types of files from websites, you may risk bringing threat to your system.
For example, an ActiveX control object is usually used for providing interactive web feature.
If malicious code hides inside, it may occupy user’s system.
D
D
e
e
n
n
i
i
a
a
l
l
o
o
f
f
S
S
e
e
r
r
v
v
i
i
c
c
e
e
(
(
D
D
o
o
S
S
)
)
D
D
e
e
f
f
e
e
n
n
s
s
e
e
The DoS Defense functionality helps you to detect and mitigate the DoS attack. The attacks
are usually categorized into two types, the flooding-type attacks and the vulnerability attacks.
The flooding-type attacks will attempt to exhaust all your system's resource while the
vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the
protocol or operation system.
The DoS Defense function enables the Vigor modem to inspect every incoming packet based
on the attack signature database. Any malicious packet that might duplicate itself to paralyze
the host in the secure LAN will be strictly blocked and a Syslog message will be sent as
warning, if you set up Syslog server.