Security levels, Security levels -5 – Carrier Access Multi-Service Router (MSR) Card MSR/Adit 3K GUI User Manual

Adit 3000 (Rel. 1.6) and MSR Card (Rel 2.0) GUI

4-5

Security

General

The important thing to note is that it is the origin of the request, not subsequent responses to this request,
that determines whether a session can be established or not.

You can choose from among three pre-defined security levels: Minimum, Typical (default setting), and
Maximum. The following table defines the behavior of the Adit for each of the three security levels.

NOTE:

Using the Minimum Security setting may expose the network to significant security

risks, and thus should only be used when necessary, for short periods of time.

Security Levels

The following are the security levels available:

Security Level

Requests Originating
in the WAN

Requests Originating
in the LAN

Maximum

Blocked: No access to network
from Internet, except as configured
in the Local Servers, DMZ host and
Remote Access screens.

Limited: Only commonly-used services,
such as Web-browsing and e-mail, are
permitted. These services include Telnet,
FTP, HTTP, HTTPS, DNS, IMAP, POP3,
Ping and SNMP.

Typical (Default)

Blocked: No access to network
from Internet, except as configured
in the local Servers, DMZ host and
Remote Access screens.

Unrestricted: All services are permitted,
except as configured in the Access Control
screen.

Minimum

Unrestricted: Permits full access
from Internet to network; all
connection attempts permitted.

Unrestricted: All services are permitted,
except as configured in the Access Control
screen.

Field

Definition

Block IP Fragments

Checking this box will protect your network from a common type of hacker
attack that could make use of fragmented data packets to sabotage your
network. Note: VPN over IPSec and some UDP-based services make
legitimate use of IP fragments. You will need to allow IP fragments to pass
into the home network in order to make use of these selected services.