SMC Networks SMC7004WFW Network Router User Manual


 
N
ETWORKING
AND
C
LIENT
S
ERVICES
4-36
The Intrusion Detection feature of the Wireless Barricade Plus limits the
access of the incoming traffic from the WAN port. When the SPI feature
is turned on, all the incoming packets will be blocked unless certain types
of traffic types are checked by the users. When the user checkes certain
types of traffic, only the particular type of traffic initiated from the Internal
LAN will be allowed. For example, if the user only checks “FTP service”
from the Stateful Packet Inspection heading, all the incoming traffic will be
blocked except the FTP connection initiated from the local LAN.
Stateful Packet Inspection
This option allows you to select different application types that are using
dynamic port numbers. If you need to use the Stateful Packet Inspection
(SPI) for blocking packets, check the radio button in the “Enable SPI and
Anti-DoS firewall protection” field and then check the inspection type that
you need, such as Packet Fragmentation, TCP Connection, UDP Session,
FTP Service, H.323 Service and TFTP Service.
Hacker Prevention Feature
The Wireless Barricade Plus’ firewall inspects packets at the application
layer, and maintains TCP and UDP session information, including
timeouts and number of active sessions, provides the ability to detect and
prevent certain types of network attacks such as DoS attacks.
Network attacks that deny access to a network device are called
denial-of-service (DoS) attacks. Denials of Service (DoS) attacks are aimed
at devices and networks with a connection to the Internet. Their goal is
not to steal information, but to disable a device or network so users no
longer have access to network resource.