Draytek Vigor 2950Gi User's Guide download pdf (Page 72)

Vigor2930 Series User’s Guide

The following illustrations are flow charts explaining how router will treat incoming traffic

and outgoing traffic respectively.

(

)

Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy

static packet filtering, which examines a packet based on the information in its header,

stateful inspection builds up a state machine to track each connection traversing all interfaces

of the firewall and makes sure they are valid. The stateful firewall of Vigor router not just

examine the header information also monitor the state of the connection.

(

)

The DoS Defense functionality helps you to detect and mitigate the DoS attack. The attacks

are usually categorized into two types, the flooding-type attacks and the vulnerability attacks.

The flooding-type attacks will attempt to exhaust all your system's resource while the

vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the

protocol or operation system.

The DoS Defense function enables the Vigor router to inspect every incoming packet based

on the attack signature database. Any malicious packet that might duplicate itself to paralyze

the host in the secure LAN will be strictly blocked and a Syslog message will be sent as

warning, if you set up Syslog server.

Also the Vigor router monitors the traffic. Any abnormal traffic flow violating the pre-defined

parameter, such as the number of thresholds, is identified as an attack and the Vigor router

will activate its defense mechanism to mitigate in a real-time manner.

The below shows the attack types that DoS/DDoS defense function can detect:

1. SYN flood attack 9. Smurf attack

1 2 ... 67 68 69 70 71 72 73 74 75 76 77 ... 297 298

No comments

Draytek Vigor 2950Gi User's Guide Page 72