3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
10 CHAPTER 1: SWITCH 8800 FIREWALL MODULE
Tabl e 1 Firewall Module Functions
Attribute Description
Network security
Authentication,
authorization and
accounting service
RADIUS
HWTACACS
CHAP authentication
PAP authentication
Domain authentication
Firewall
Packet filtering
Access control list on the basis of interface
Access control list on the basis of time period
ASPF status firewall
Anti-attack features:
Land, Smurf, Fraggle, WinNuke, Ping of Death, Tear Drop, IP
Spoofing, SYN Flood, ICMP Flood, UDP Flood, ARP spoofing
attack-defending
Initiative and reverse ARP query
Defending illegal flag bit attack of TCP packets
Defending super ICMP packet attack
Defending address/port scanning
Defending DoS/DDoS attack
ICMP redirection and controlling unreachable packets
Controlling Tracert packets
Controlling IP packets with route record
Static and dynamic blacklist function
Binding MAC and IP addresses
Defending worm virus
Transparent firewall
Reverse path forwarding function
Mail /network page filtering
Mail filtering:
Filtering SMTP mail addresses
Filtering SMTP mail titles
Filtering SMTP mail contents
Filtering SMTP mail attachments
Network page filtering:
Filtering HTTP URLs
Filtering HTTP contents
Security management
Real time attack log
Blacklist log
Address binding log
Traffic alarm log
Session log
Binary format log function
Traffic statistics and analysis function
Monitoring rate globally or on the basis of security domain
connection
Monitoring rate globally or on the basis of security domain
protocol packet
Security event statistics function
Real time E-Mail alarm
Distributing E-Mails periodically information
NAT
Address transfer in address pool mode
Address transfer by ACLs
Easy IP
NAT Server
Valid time configured for address transfer
Multiple ALGs, including FTP, H323, DNS, and SIP.