beautypg.com

Amer Networks E5Web GUI User Manual

Page 18

background image

addition, cOS Core supports features such as Virtual LANs,
Route Monitoring, Proxy ARP and Transparency.

For more information, please see Chapter 4, Routing.

Firewalling Policies

cOS Core provides stateful inspection-based firewalling for
a wide range of protocols such as TCP, UDP and ICMP. The
administrator can define detailed firewalling policies based
on source/destination network/interface, protocol, ports,
user credentials, time-of-day and more.

Section 3.6, “IP Rules and IP Policies” describes how to set up
these policies to determine what traffic is allowed or
rejected by cOS Core.

Address Translation

For functionality as well as security reasons, cOS Core
supports

policy-based

address

translation.

Dynamic

Address Translation (NAT) as well as Static Address
Translation (SAT) is supported, and resolves most types of
address translation needs.

This feature is covered in Chapter 7, Address Translation.

ALGs

cOS Core provides a range of Application Level Gateways
(ALGs) which provide security features that examine traffic
at higher OSI layers such as checking that file download
content agrees with the given filetype. Another example is
the SIP ALG which examines the SIP message exchanges
that take place during the setup of peer to peer data
exchanges.

For detailed information, see Section 6.2, “ALGs”.

VPN

cOS Core supports a range of Virtual Private Network (VPN)
solutions. Support exists for IPsec, L2TP, L2TPv3, PPTP as
well as SSL VPN with security policies definable for
individual VPN connections.

This topic is covered in Chapter 9, VPN.

TLS Termination

cOS Core supports TLS termination so that the Clavister
Security Gateway can act as the end point for connections
by HTTP web-browser clients (this feature is sometimes
called SSL termination).

For detailed information, see Section 6.2.10, “The TLS ALG”.

Application Control

cOS Core is able to identify data connections relating to
particular applications and perform defined actions for
those data streams such as blocking or traffic shaping. An
example of an application is BitTorrent peer to peer
streaming but could also relate to accessing certain
websites such as Facebook.

For detailed information, see Section 3.6.8, “Application
Control”.

Anti-Virus Scanning

cOS Core features integrated anti-virus functionality. Traffic
passing through the Clavister Security Gateway can be
subjected to in-depth scanning for viruses, and virus
sending hosts can be black-listed and blocked.

Chapter 1: cOS Core Overview

18

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: