Filter
Top Products
Web OS 10.0 Application Guide
Chapter 7: Filtering
185
212777-A, February 2002
Filter-based Security
This section provides an example of configuring filters for providing the best security. It is
generally recommended that you configure filters to deny all traffic except for those services
that you specifically wish to allow. Consider the following sample network:
Figure 7-7 Security Topology Example
In this example, the network is made of local clients on a collector switch, a Web server, a mail
server, a domain name server, and a connection to the Internet. All the local devices are on the
same subnet.
For best security, it is generally recommended that you configure filters to deny all traffic
except for those services that you specifically wish to allow. In this example, the administrator
wishes to install basic security filters to allow only the following traffic:
n External HTTP access to the local Web server
n External SMTP (mail) access to the local mail server
n Local clients browsing the World Wide Web
n Local clients using Telnet to access sites outside the intranet
n DNS traffic
All other traffic is denied and logged by the default filter.
NOTE – Since IP address and port information can be manipulated by external sources, filter-
ing does not replace the necessity for a well-constructed network firewall.
Web Server
205.177.15.2
Mail Server
205.177.15.3
DNS
205.177.15.4
Alteon Web Switch
Local Clients
Internet
RouterClient Switch