Carrier Access CMG Router User Manual


CMG Router - Release 2.7

Profile Directory:Remote Profile

Firewall Filters

Local IP Address/Network

IP address of the local device or network that this rule will affect. If you enter the address of a
local device, this rule will affect only session establishments between that local device and the
destination address entered in the Remote IP Address/Network field, below. If this rule is to
affect “any” local device or network, leave this field at the default asterisk symbol (*).

Significant Bits

Use this field to identify the number of bits, from left to right, that will be used to match the
IP Address field within the data packet with the value entered into the Local IP Address/Network
field. The range is 1 to 32.

Remote IP Address/Network

Enter the IP address of the remote device or network that this rule will affect. If you enter the
address of a remote device, this rule will affect only session establishments between that remote
device and the device/network address entered in the Local IP Address/Network field, above.
If this rule is to affect “any” remote device or network, leave this field at the default asterisk symbol (*).

Significant Bits

Use this field to identify the number of bits, from left to right, that will be used to match the
IP Address field within the data packet with the value entered into the Remote IP Address/Network
field. The range is 1 to 32.

< > Packets which match this rule

Use this field to indicate whether a rule match should trigger an Alarm or Log entry.

Log or Alarm entries may also be useful when a specific security issue is at stake. For example,
if your security policy does not permit Telnetting, you may wish to keep track of all Telnet
attempts. As a general rule, however, we do not recommend keeping a log of all rule matches
since this may impact system performance and may cause an Event or Alarm screen overflow.

NOTE: When enabled, a single event/alarm will be logged for all TCP session
initiations. An event/alarm will be logged for each packet for all UDP transfers.
UDP traffic should typically not be allowed across a firewall.

NOTE: All firewall rules are considered filters and count toward the
maximum allowable number of 500 filters.

(Blank)

A transmission match will not trigger an Alarm or Events log entry.

Alarm

A transmission match will trigger an Alarm entry.

Log

A transmission match will trigger an Events log entry.
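
The following is an added example, not code from the manual or the router: a Python model of how Significant Bits selects which addresses a rule covers, and of how many Log/Alarm entries a matching rule produces for TCP versus UDP traffic as described in the NOTE above. The rule, the addresses, the field names and the "init" flag marking a TCP session initiation are constructed assumptions.

```python
import ipaddress

def field_matches(field, bits, packet_ip):
    """True if the leftmost `bits` bits of packet_ip equal those of the rule field."""
    if field == "*":                       # default symbol: any device/network
        return True
    if not 1 <= bits <= 32:                # range given for Significant Bits
        raise ValueError("Significant Bits must be 1 to 32")
    mask = (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF
    want = int(ipaddress.IPv4Address(field))
    got = int(ipaddress.IPv4Address(packet_ip))
    return (want & mask) == (got & mask)

def rule_matches(rule, local_ip, remote_ip):
    """A rule applies only when both the local and the remote field match."""
    return (field_matches(rule["local"], rule["local_bits"], local_ip)
            and field_matches(rule["remote"], rule["remote_bits"], remote_ip))

def entries_generated(rule, packets):
    """Count Log/Alarm entries: one per TCP session initiation, one per UDP packet."""
    if rule["action"] not in ("Log", "Alarm"):   # (Blank): no entry
        return 0
    total = 0
    for p in packets:
        if not rule_matches(rule, p["local"], p["remote"]):
            continue
        # Assumption: a session initiation is modelled as the packet flagged "init".
        if p["proto"] == "udp" or p.get("init", False):
            total += 1
    return total

# Constructed sample: hypothetical rule and traffic, not taken from the manual.
RULE = {"local": "192.168.1.77", "local_bits": 24,
        "remote": "*", "remote_bits": 32, "action": "Log"}
TCP_SESSION = [{"proto": "tcp", "local": "192.168.1.200", "remote": "203.0.113.9",
                "init": i == 0} for i in range(4)]
UDP_BURST = [{"proto": "udp", "local": "192.168.1.200", "remote": "203.0.113.9"}
             for _ in range(4)]

if __name__ == "__main__":
    # 24 significant bits: the host address 192.168.1.77 covers all of 192.168.1.x.
    print(field_matches("192.168.1.77", 24, "192.168.1.200"))
    # 32 significant bits restricts the rule to the single device.
    print(field_matches("192.168.1.77", 32, "192.168.1.200"))
    print(entries_generated(RULE, TCP_SESSION), entries_generated(RULE, UDP_BURST))
```

A device address entered with fewer than 32 significant bits applies the rule to every address sharing that prefix, so use 32 when the rule is meant for a single host.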
