beautypg.com

1 pseudo filtering, 2 filter links – Enterasys Networks Fast Network 10 User Manual

Page 86

background image

Chapter 5: FN10 Filters

Page 5-6

Fast Network 10 User Guide

For the fields defined as True, False, or Not Applicable (NA) in the
following sections:

True – Means all traffic that matches the field will be filtered.

False – Means all traffic that does not match the field selection will be
filtered (inverse filter).

Not applicable (NA) – Means that when the filter is invoked, the FN10
will not check this field.

In addition to the configurable fields, there are two additional options you
can use when you configure Port filters:

Pseudo filtering

Filter links

5.2.1.1 Pseudo Filtering

Any Port filter can be set to pseudo mode. In pseudo mode, the filter
generates statistics, counting how many packets meet the filtering criteria.
The FN10 does not actually block any traffic.

The pseudo filter option provides unique traffic monitoring capability,
including:

Determining the effect a particular filter would have, without actually
invoking it.

Monitoring traffic patterns as an aid in determining optimum network
design, usage policies, and so on.

Monitoring potential security threats.

5.2.1.2 Filter Links

Port filters can be logically linked using the Boolean And/Or operators.
Because Port filters are maintained as a table, each Port filter you
configure is assigned a Port Filter Table index number. This number is
incremented each time a Port filter is added to the Port Filter Table index.

Port filter processing is a one pass, sequential operation. All And/Or
operators apply to the next Port filter in the Port Filter Table index that is
assigned the same port number and Entry/Exit value.