eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
Revision as of 12:22, 8 April 2011
| · eScan · MailScan · Technologies | · Technical Info · Security Awareness · User Guides |
Contents |
Firewall
Description
Firewall monitors all incoming and outgoing network activities in your system and also protects from all network based attacks.
Firewall is a comprehensive feature that is designed to prevent unauthorized access to a computer or network that is connected to the Internet. It enforces a boundary between two or more networks by implementing default or user-defined access-control policies (rules) between two or more networks. The user can set rules to control incoming network access to their system as well as outgoing traffic from their system. Rules are user defined / created or selected either to allow or block any outgoing or incoming traffic. The Firewall checks the rules and analyzes the network packets (small chunks of data) and filter. If they fulfill the criteria defined in the Rules, they are allowed to pass through or else discard them.
Within the software, are provided set of predefined rules that can be added to the firewall by selecting those that are appropriate to one’s security needs. Users can define their own ‘rules’, and when they don’t feel the need for any of the rules they have ‘added’, they can remove them.
Vulnerable Scenarios - A user is vulnerable to hacker attack when their system connects to a public network
- - When you log in to chat, you connect to Internet Relay Chat (IRC) servers on the Internet and join others in the numerous ‘channels’ on the IRC network.
- - When you use Telnet to connect to a server on the Internet and execute commands ‘on’ the server from your computer.
- - When you use FTP to transfer files from a remote server to your computer. FTP is the File Transfer Protocol for exchanging files over the Internet, and works in the same way that HTTP and SMTP do in transferring Web pages from servers to user’s browser and transferring e-mail across the WWW respectively.
- - When you use NetBIOS (Network Basic Input/Output System) to communicate with another user on the LAN; the LAN could in turn be connected to the Internet. NetBIOS insulates the applications that users use to communicate with one another, from understanding the underlying network details.
- - When you are a part of a Virtual Private Networks (VPN). These private network connections communicate ‘securely’ over a public network, such as the Internet.
- - When you browse the Web.
- - When you send/receive e-mail.
By default, the firewall operates in the Allow All mode. However, you can customize the firewall by using options like Limited Filter for filtering only incoming traffic and Interactive Filter to turn off and block all. The eScan Firewall also allows you to specify different set of rules for allowing or blocking incoming or outgoing traffic. These rules include Zone Rules, Expert Rules, Trusted Media Access Control (MAC) Address, and Local IP list. This page provides you with options for configuring the module. You can configure the following settings.
- Allow All: [Default] Click this option, if you want to disable Firewall.
- Limited Filter: You can click this option to enable the Limited Filter mode. When the Firewall module is in this mode, it monitors all incoming traffic and helps you allow or block traffic as per the defined conditions or rules.
- Interactive Filter: You can click this option to enable the Interactive Filter mode. When the Firewall module is in this mode, it needs user intervention. It monitors all the incoming and outgoing network traffic and allows or blocks traffic as per the user\’s choice.
