2 firewall features – Asus RX3042H User Manual

Getting to Know RX3042H

RX3042H User's Manual

4

contains a pool of network ports to be used for translation.

Every packet is translated with the globally valid IP address;

the port number is translated with a free pool from the pool of

network ports.

• Reverse NAPT – Also called inbound mapping, port mapping,or

virtual server. Any packet coming to the router can be relayed

to an internal host based on the protocol, port number and/or

IP Address specified in the rule. This is useful when multiple

services are hosted on different internal hosts.

2.3.2 Firewall Features

The firewall as implemented in RX3042H provides the following

features to protect your network from being attacked and to prevent

your network from being used as the springboard for attacks.

• Stateful Packet Inspection
• Packet Filtering (ACL)
• Defense against Denial of Service Attacks
• Log

2.3.2.1 Stateful Packet Inspection

The RX3042H Firewall uses “stateful packet inspection” that

extracts state-related information required for the security decision

from the packet and maintains this information for evaluating

subsequent connection attempts. It has awareness of application

and creates dynamic sessions that allow dynamic connections so

that no ports need to be opened other than the required ones. This

provides a solution which is highly secure and that offers scalability

and extensibility.

2.3.2.2 Packet Filtering – ACL (Access Control List)

ACL rule is one of the basic building blocks for network security.

Firewall monitors each individual packet, decodes the header

information of inbound and outbound traffic and then either blocks

the packet from passing or allows it to pass based on the contents

of the source address, destination address, source port, destination

port, and protocol defined in the ACL rules.