Fn10 filters, 1 bridge address table filters, Chapter 5 fn10 filters – Enterasys Networks Fast Network 10 User Manual

Fast Network 10 User Guide

Page 5-1

CHAPTER 5

FN10 FILTERS

One of the most significant features of the FN10 is its powerful
user-configurable filtering capabilities. A filter is an instruction to the
FN10

to screen data packets based on the criteria you define. Filtering is

useful for gathering statistics, implementing security measures, and
improving network performance.

The FN10 also supports pseudo filtering. Pseudo filtering provides a
unique traffic monitoring capability, including:

•

Determining the effect a filter would have, without actually invoking
it.

•

Monitoring traffic patterns to help determine optimum network
design.

•

Monitoring potential security threats.

•

Evaluating security policies.

You can configure the FN10

to selectively filter network traffic using the

following types of filters:

•

Bridge Address Table filters

•

Port filters

Although proper use of filters can have a positive effect on the network
performance, excessive use of filters may degrade network performance.
(Refer to Section 5.6.)

5.1 BRIDGE ADDRESS TABLE FILTERS

Bridge Address Table filters use the FN10 Bridge Address Table to
determine if there are any filtering flags assigned to a packet’s source or
destination address. By assigning FN10 Bridge Address Table filter flags,
you can selectively filter:

•

Traffic to and/or from any station (Media Access Control (MAC) layer
address).