Table of Contents
Advertisement
17. The firewall policy allows traffic filtering at the application layer using the
Application Layer Gateway provides filters for the following common protocols:
FTP ALG
TFTP ALG
SIP ALG
SCCP ALG
FaceTime ALG
18. Refer to the
Firewall Enhanced Logging
Log Dropped ICMP
Packets
Log Dropped Malformed
Packets
Enable Verbose Logging
19. Select the
Enable Stateful DHCP Checks
firewall. The default setting is enabled. When enabled, all DHCP traffic flows are inspected.
20. Define
Flow Timeout
intervals for the following flow types impacting the firewall:
TCP Close Wait
TCP Established
TCP Reset
TCP Setup
Stateless TCP Flow
Stateless FIN/RESET
Flow
Select the Enable box to allow FTP traffic through the firewall using its default ports. This
feature is enabled by default.
Select the Enable box to allow TFTP traffic through the firewall using its default ports. This
feature is enabled by default.
Select the Enable box to allow SIP traffic through the firewall using its default ports. This
feature is enabled by default.
Select the check box to allow SCCP traffic through the firewall using its default ports. This
feature is enabled by default. Signalling Connection Control Part (SCCP) is a network
protocol that provides routing, flow control and error correction in telecommunication
networks.
Select the check box to allow Apple's FaceTime video calling traffic through the firewall
using its default port. This feature is enabled by default.
field to set the following parameters:
Use the drop-down menu to define how dropped ICMP packets are logged. Logging can
be rate limited for one log instance every 20 seconds. Options include Rate Limited, All or
None. The default setting is None.
Use the drop-down menu to define how dropped malformed packets are logged. Logging
can be rate limited for one log instance every 20 seconds. Options include Rate Limited,
All or None. The default setting is None.
Select this option to enable verbose logging for dropped packets. This setting is disabled
by default.
radio button to enable the stateful checks of DHCP packet traffic through the
Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 10 seconds.
Define a flow timeout value in either Seconds (15 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 90 minutes.
Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 10 seconds.
Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 10 seconds.
Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 90 seconds.
Define a flow timeout value in either Seconds (1 - 32,400), Minutes (1 - 540) or
Hours (1 - 9). The default setting is 10 seconds.
Security Configuration 8 - 11
Application Layer Gateway
feature. The
Hide quick links:
Advertisement
Table of Contents
