Epson IWE3200-H User Manual

4

„

NAT server. Client computers can share a public IP address provided by an ISP (Internet
Service Provider) by NAT (Network Address Translation). And our NAT server function-
ality supports the following:

‹

Virtual server.

Exposing servers on the intranet to the Internet.

‹

PPTP, IPSec, and L2TP passthrough.

Passing VPN (Virtual Private Network)

packets through the intranet-Internet boundary. PPTP means Point-to-Point Tunneling
Protocol, IPSec means IP Security, and L2TP means Layer 2 Tunneling Protocol.

‹

DMZ (DeMilitarized Zone). All unrecognized IP packets from the Internet can be
forwarded to a specific computer on the intranet.

‹

Multiple public IP addresses support.

An ISP may provide several public IP

addresses to a customer. The IWE3200-H can map each of the public IP addresses to
a host with a private IP address on the intranet.

‹

H.323 passthrough.

Passing H.323 packets through the intranet-Internet boundary

so that users on the intranet can use VoIP (Voice over IP) applications.

‹

MSN Messenger support.

Supporting Microsoft MSN Messenger for chat, file

transfer, and real-time communication applications.

‹

Session monitoring.

Latest 50 incoming sessions and 50 outgoing sessions are

shown for monitoring user traffic.

z

DSL/Cable Modem Support. Supporting dynamic IP address assignment by PPPoE
(Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.

„

Multiple DSL/Cable connections support.

Supporting up to 4 DSL/cable-based

Internet connections. All outgoing traffic load from the internal network is shared among
the multiple Internet connections, so that total outgoing throughput is increased.

z

Network Security

„

Packet address and port filtering.

Filtering outgoing packets based on IP address and

port number. (Incoming packet filtering is performed by NAT.)

„

URL filtering.

Preventing client users from accessing unwelcome Web sites. The HTTP

(HeperText Transfer Protocol) traffic to the specified Web sites identified by URLs (Uni-
versal Resource Locators) is blocked.

„

WAN ICMP requests blocking.

Some DoS (Denial of Service) attacks are based on

ICMP requests with large payloads. Such kind of attacks can be blocked.

„

Stateful Packet Inspection (SPI).

Analyzing incoming and outgoing packets based on

a set of criteria for abnormal content. Therefore, SPI can detect hacker attacks, and can
summarily reject an attack if the packet fits a suspicious profile.