Firewall, Overview, Supported features – TP-Link Omada ER8411 VPN Router User Manual


Configuring Firewall

1 Firewall

1.1 Overview

The Firewall is used to enhance network security. It can prevent external network threats from spreading to the internal network, protect internal hosts from ARP attacks, and control internal users' access to the external network.

1.2 Supported Features

The Firewall module supports the following functions: Anti ARP Spoofing, Attack Defense, and Access Control.

Anti ARP Spoofing

ARP (Address Resolution Protocol) is used to map IP addresses to the corresponding MAC addresses so that packets can be delivered to their destinations. However, since ARP is implemented on the premise that all hosts and routers are trusted, it carries high security risks on real, complex networks. If an attacker sends ARP spoofing packets with false IP-address-to-MAC-address mapping entries, the device will update its ARP table based on the false ARP packets and record wrong mapping entries, which results in a breakdown of normal communication.

Anti ARP Spoofing can protect the network from ARP spoofing attacks. It works based on the IP-MAC Binding entries. These entries record the correct one-to-one relationships between IP addresses and MAC addresses. When receiving an ARP packet, the router checks whether it matches any of the IP-MAC Binding entries. If not, the router ignores the ARP packet. In this way, the router maintains a correct ARP table.
In addition, the router provides the following two sub-functions:

- Permitting only the packets that match the IP-MAC Binding entries and discarding all other packets.
- Sending GARP (gratuitous ARP) packets to the hosts when it detects ARP attacks. The GARP packets inform the hosts of the correct ARP mapping, preventing their ARP tables from being falsified by ARP spoofing packets.
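The following is an added example, not code from the TP-Link Omada firmware or this manual. It models the three behaviours described above in working Python: an ARP packet is accepted into the ARP table only when its sender IP/MAC pair matches an IP-MAC Binding entry; a bound IP claimed with a different MAC is treated as a spoofing attack and answered with a gratuitous ARP carrying the correct mapping; and, with the binding-only sub-function on, non-ARP traffic from unbound hosts is discarded. The binding table, addresses, packet bytes and class names are constructed for the demonstration; the real router's internal data structures are not described on this page.

```python
# Added example, not TP-Link code: a model of the Anti ARP Spoofing checks described above.
# The binding table, addresses and packet bytes below are constructed for the demonstration.
import struct

# Constructed IP-MAC Binding entries (the "correct one-to-one relationships").
BINDINGS = {
    "192.168.0.10": "aa:bb:cc:00:00:10",
    "192.168.0.20": "aa:bb:cc:00:00:20",
}
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_REQUEST, ARP_REPLY = 1, 2

# Ethernet/IPv4 ARP payload: htype, ptype, hlen, plen, opcode, sha, spa, tha, tpa (28 bytes).
ARP_HDR = struct.Struct("!HHBBH6s4s6s4s")


def mac_bytes(s): return bytes(int(x, 16) for x in s.split(":"))
def mac_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_bytes(s): return bytes(int(x) for x in s.split("."))
def ip_str(b): return ".".join(str(x) for x in b)


def build_arp(opcode, sha, spa, tha, tpa):
    """Serialise an ARP packet (used for the test traffic and for the router's GARP)."""
    return ARP_HDR.pack(1, 0x0800, 6, 4, opcode,
                        mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


def parse_arp(pkt):
    """Decode an ARP packet into its fields; reject anything that is not Ethernet/IPv4 ARP."""
    if len(pkt) < ARP_HDR.size:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_HDR.unpack_from(pkt)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}


class AntiArpSpoofing:
    """Router-side logic (constructed for this example): validate ARP against the
    bindings, optionally forward bound hosts only, and answer detected attacks with GARP."""

    def __init__(self, bindings, permit_bound_only=False, send_garp=False):
        self.bindings = dict(bindings)
        self.permit_bound_only = permit_bound_only  # sub-function 1
        self.send_garp = send_garp                  # sub-function 2
        self.arp_table = {}     # IP -> MAC, learned from validated ARP packets only
        self.garp_out = []      # GARP packets the router would transmit to the hosts

    def handle_arp(self, pkt):
        """Return the verdict for one received ARP packet."""
        a = parse_arp(pkt)
        bound_mac = self.bindings.get(a["spa"])
        if bound_mac is None:
            # No binding entry for the sender IP: ignored, never learned.
            return "ignored: unbound"
        if bound_mac != a["sha"]:
            # A bound IP claimed with a different MAC is a spoofing attempt.
            if self.send_garp:
                # Gratuitous ARP: sender IP == target IP == the bound IP, broadcast to all hosts.
                self.garp_out.append(
                    build_arp(ARP_REPLY, bound_mac, a["spa"], BROADCAST_MAC, a["spa"]))
            return "ignored: spoofed"
        self.arp_table[a["spa"]] = a["sha"]
        return "accepted"

    def permit_packet(self, src_ip, src_mac):
        """Forwarding decision for a non-ARP packet from (src_ip, src_mac)."""
        if not self.permit_bound_only:
            return True
        return self.bindings.get(src_ip) == src_mac


if __name__ == "__main__":
    r = AntiArpSpoofing(BINDINGS, permit_bound_only=True, send_garp=True)
    legit = build_arp(ARP_REQUEST, "aa:bb:cc:00:00:10", "192.168.0.10",
                      "00:00:00:00:00:00", "192.168.0.1")
    spoof = build_arp(ARP_REPLY, "de:ad:be:ef:00:01", "192.168.0.10",
                      "aa:bb:cc:00:00:20", "192.168.0.20")
    for p in (legit, spoof):
        print(r.handle_arp(p))
    print("ARP table:", r.arp_table, "GARP sent:", [parse_arp(g) for g in r.garp_out])
```

Note that the spoofed reply never reaches the ARP table, so the router keeps the bound MAC for 192.168.0.10, and the GARP it emits carries that same bound mapping for the hosts to relearn.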

Attack Defense

Attacks on a network device can cause device or network paralysis. With the Attack Defense feature, the router can identify and discard various attack packets that are sent to the CPU, and limit the packet receiving rate. In this way, the router can protect itself and the connected network against malicious attacks.
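As an added illustration of the rate-limiting half of Attack Defense (example code, not the Omada firmware's implementation; the page does not describe the router's actual algorithm or thresholds), the block below implements a token-bucket limiter for packets punted to the CPU and replays two constructed traffic patterns through it: a 200-packet flood at 1000 packets per second, and a short legitimate burst. The rate, burst size, timestamps and names are assumptions made for the demonstration.

```python
# Added example, not TP-Link code: a token-bucket limiter for packets sent to the router CPU,
# modelling "limit the packet receiving rate". Rates, burst size and arrival times are constructed.


class CpuRateLimiter:
    """Token bucket kept in integer milli-tokens so the accounting is exact.

    rate_pps - sustained packets per second allowed through to the CPU
    burst    - how many back-to-back packets a legitimate burst may deliver at once
    """

    def __init__(self, rate_pps, burst):
        self.rate_pps = rate_pps
        self.capacity = burst * 1000
        self.tokens = self.capacity   # start full so a first legitimate burst is honoured
        self.last_ms = 0
        self.accepted = 0
        self.dropped = 0

    def offer(self, now_ms):
        """Decide for one packet arriving at now_ms: True = deliver to CPU, False = discard."""
        elapsed = max(0, now_ms - self.last_ms)
        self.last_ms = max(self.last_ms, now_ms)
        # rate_pps tokens per second is exactly rate_pps milli-tokens per millisecond.
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate_pps)
        if self.tokens >= 1000:
            self.tokens -= 1000
            self.accepted += 1
            return True
        self.dropped += 1
        return False


def replay(limiter, arrival_ms):
    """Feed a sequence of arrival timestamps (ms) through the limiter; return (accepted, dropped)."""
    for t in arrival_ms:
        limiter.offer(t)
    return limiter.accepted, limiter.dropped


def flood_vs_burst():
    """Constructed traffic: a 200-packet flood at 1 ms spacing, then a 15-packet legitimate burst.

    With 100 pps sustained and a burst of 20, the flood gets its first 22 packets through
    (the bucket drains while refilling 0.1 token per ms), then one packet every 10 ms; the
    short burst fits entirely within the bucket and loses nothing.
    """
    flood = replay(CpuRateLimiter(rate_pps=100, burst=20), range(200))
    burst = replay(CpuRateLimiter(rate_pps=100, burst=20), range(15))
    return flood, burst


if __name__ == "__main__":
    flood, burst = flood_vs_burst()
    print("flood  accepted/dropped:", flood)
    print("burst  accepted/dropped:", burst)
```

The point a practitioner should take from the replay is that the limiter does not need to recognise the attack: a sustained flood is throttled to the configured rate by construction, while a legitimate short burst below the bucket size is untouched. Packet classification (which packets are attack packets) is a separate step that the page lists but does not detail.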
