Installation guide
BB005x Installation and Configuration Guide
6. After configuring the above items, click on Apply. The Firewall Trigger
Configuration page will then show the details of the trigger that you
have just configured.
Example: To configure NetMeeting using H.323 protocols for outgoing calls you
need to configure a firewall trigger with the following parameters:
Transport Type tcp
Port Number Start 1720
Port Number End 1720
Allow Multiple Hosts allow
Max Activity Interval 30000
Enable Session Chaining allow
Enable UDP Session Chaining block
Binary Address Replacement allow
Address translation type tcp
Another way of resolving the problem of NAT and firewall compatibility with a
certain application is having a special program called an Application Layer
Gateway (ALG) running inside the BB005x. The ALG examines all of the packets
related to the application and handles all of the necessary connections and
translations. Most applications can be run successfully across NAT by just
configuring Firewall Triggers. The BB005x features both ALGs and the
capability of enabling flexible triggers for a wide variety of applications.
Intrusion Detection
Intrusion Detection is a method of defending a network against outside threats
by constantly monitoring access to the network and looking for patterns of
activity that may indicate that an attack is about to be launched or is already in
progress. Intrusion Detection systems can effectively detect and block such
attacks as Ping of Death, Port Scanning, Address Spoofing and others. The
BB005x features comprehensive Intrusion Detection capability as part of its
firewall functionality.
To Configure Intrusion Detection: ►
1. Click on Advanced Configuration and then on Security.
2. Make sure that the Intrusion Detection Enabled option is selected and
click on Change State
3. Go to Policies, Triggers and Intrusion and click on Configure
Intrusion Detection. The Firewall Configure Intrusion Detection page
is displayed.
53