Connection Tracking. Secure Computing SG570, SG300, SG560, SG565, SG550, SG530, SG580, SG575


Enter an arbitrary Description of service, the Name or IP address of the computer hosting this service on your network, the External Port number for this service and the Internal Port number for this service. Select whether the service uses the TCP or UDP protocol. Click OK.

This rule now appears on the SnapGear unit UPnP page, under Current UPnP Port Mappings.

Connection Tracking

Connection tracking keeps a record of what packets have passed through the unit, and how they relate to each other. A sequence of related packets is called a connection. This is required for stateful packet filtering and network address translation (NAT).

Most packets are correctly handled by generic support for protocols such as TCP and UDP. However, some protocols are more complicated and require specific connection tracking modules in order to record the state correctly. For example, FTP requires additional connections for data transfer, and also transmits IP addresses and ports within the data portion of packets.

Configuring connection tracking

You can select which connection tracking modules are used by checking the Enabled option. Since connection tracking modules can allow additional connections through the firewall, you should disable modules that you do not need.
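
The following Python example is an added illustration, not code from the SnapGear firmware. It models what an FTP connection tracking module has to do: read the address and port out of the control channel and permit exactly one matching data connection. The class and function names are hypothetical, and the same-address check is an assumed hardening choice, not documented behavior of the unit.

```python
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" (client) and "227 ... (h1,h2,h3,h4,p1,p2)" (server)
_PORT = re.compile(r"^PORT (\d{1,3}(?:,\d{1,3}){5})\r?$")
_PASV = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")

def parse_endpoint(fields):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip, port); None if any field exceeds 255."""
    nums = [int(n) for n in fields.split(",")]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

class FtpTracker:
    """Hypothetical model of an FTP tracking module for one control connection."""
    def __init__(self, client_ip, server_ip):
        self.client_ip, self.server_ip = client_ip, server_ip
        self.expected = set()  # (dst_ip, dst_port) of data connections to permit

    def inspect(self, from_client, line):
        """Inspect one control-channel line; return the expectation added, if any."""
        m = (_PORT if from_client else _PASV).match(line)
        if not m:
            return None
        ep = parse_endpoint(m.group(1))
        # Assumed hardening: only accept an address that belongs to the sender.
        owner = self.client_ip if from_client else self.server_ip
        if ep is None or ep[0] != owner:
            return None
        self.expected.add(ep)
        return ep

    def allow_data(self, dst_ip, dst_port):
        """A new connection counts as related only if expected; single use."""
        if (dst_ip, dst_port) in self.expected:
            self.expected.discard((dst_ip, dst_port))
            return True
        return False

if __name__ == "__main__":
    # Constructed control-channel lines using documentation addresses.
    t = FtpTracker("192.0.2.10", "198.51.100.5")
    print(t.inspect(True, "PORT 192,0,2,10,195,80\r\n"))
    print(t.allow_data("192.0.2.10", 50000), t.allow_data("192.0.2.10", 50000))
```

Every expectation a module creates is a connection the ordinary packet filter rules did not explicitly allow, which is why unused modules should be disabled.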

Firewall

161

Note

Implementations of protocols such as H.323 can vary, so if you are experiencing problems you can try disabling the module.

Check Enable Connection Logging to log connections to the system log as they are established and expire; however, this may result in a lot of log messages if you have a large or busy network.

Check Enable Flood Rate Limiting to enable flood rate limiting for new connections on Internet interfaces. Attempts to initiate new connections that exceed the defined rate limit will be logged and dropped.

Enter the Flood Rate Limit (per second). This is the number of connections per second to allow before dropping new connections. You will need to increase or disable this setting if you are port forwarding to a busy internal server.

Note

This value can be a decimal number equal to or greater than 1.


Key Features

  • Advanced firewall with stateful packet inspection
  • Intrusion detection and prevention system
  • Virtual private networking (VPN) support
  • Web filtering and content control
  • Load balancing and failover
  • High availability clustering


Frequently Asked Questions

What is the maximum number of VPN tunnels that the SG570 can support?
The SG570 can support up to 256 VPN tunnels.
Does the SG570 support IPv6?
Yes, the SG570 supports IPv6.
Can the SG570 be managed remotely?
Yes, the SG570 can be managed remotely via a web-based management console.
