4 using filters to enhance network 5.4 performan – Enterasys Networks Fast Network 10 User Manual

Chapter 5: FN10 Filters

Page 5-16

Fast Network 10 User Guide

Note that the FN10 is not storing information designed to identify
restricted devices or authorized or unauthorized users. Instead, it is using
address information (which it does store) to act on filters that have been
configured to meet the desired objective: Restrict access to certain
workstations to authorized users.

5.4 USING FILTERS TO ENHANCE NETWORK

PERFORMANCE

In many applications, filters can be used to enhance network performance
by preventing certain types of traffic which may degrade performance. A
filter that defines logical barriers to protect a network segment or
segments from conditions that may degrade network performance is
referred to as a firewall filter.

Examples of poor network performance that can be controlled by firewall
filters include:

•

Unnecessary traffic

•

Broadcast storms

•

Conflicting applications that occur within a particular network
segment

Firewall filters can also be used to help implement fault isolation, error
recovery, and security measures.

A firewall filter can be a Bridge Address Table filter or a Port filter.
Firewall filters can be configured to:

•

Allow only server traffic to be forwarded from LAN A to LANs B and
C. (Other traffic would not be forwarded.)

•

Prevent a specific type of traffic from being forwarded to a specific
network segment. For example, it might be desirable to block DECnet
broadcast traffic from a LAN that includes no devices that use DECnet
data packets.

•

Prevent multicast packets from being forwarded to a specific network
segment (localized broadcast storm prevention).