Overview, Filtering benefits, Filtering criteria – Nortel Networks WEB OS 212777 User Manual
Page 170: Overview 170, Filtering benefits 170 filtering criteria 170

Web OS 10.0 Application Guide
170
n
Chapter 7: Filtering
212777-A, February 2002
Overview
Alteon Web switches are used to deliver content efficiently and secure your servers from unau-
thorized intrusion, probing, and Denial-of-Service (DoS) attacks. Web OS includes extensive
filtering capabilities at the IP and TCP/UDP levels.
Filtering Benefits
Layer 3 (IP) and Layer 4 (application) filtering give the network administrator a powerful tool
with the following benefits:
n
Increased security for server networks
Filters can be configured to allow or deny traffic according to various IP address, protocol,
and Layer 4 port criteria. You can also secure your switch from further virus attacks by
allowing you to configure the switch with a list of potential offending string patterns. For
more information, see
“Layer 7 Deny Filter” on page 417
This gives the administrator control over the types of traffic permitted through the switch.
Any filter can be optionally configured to generate system log messages for increased
security visibility.
n
Used to map the source or destination IP addresses and ports
Generic Network Address Translation (NAT) can be used to map the source or destination
IP addresses and the ports of private network traffic to or from advertised network IP
addresses and ports.
Filtering Criteria
Up to 2048 filters can be configured on Alteon 184 and Alteon AD4 Web switches. Up to 224
filters are supported on other Alteon Web switches. Descriptive names can be used to define
filters. Each filter can be set to allow, deny, redirect, or translate traffic based on any combina-
tion of the following filter options:
n
sip
: source IP address or range (see
“IP Address Ranges” on page 178
)
n
dip
: destination IP address or range (
dip
and
dmask
)