Manualshelf

3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
12345678910
1
SWITCH 8800 FIREWALL MODULE
This chapter describes the Firewall Module (3C17546), which is available for the
Switch 8800.
The SW8800 Firewall Module provides an affordable stateful security firewall
designed for the needs of medium-size enterprises. Enterprises are accelerating
their deployments of stateful firewalls to protect their organizations from
unwanted intrusions from attackers from both outside (e.g. from the Internet),
and from internal attack.
The SW8800 Firewall Module represents a new era of integrated network security
for 3Com’s Switch 8800 solution. Occupying a single I/O slot, the Firewall Module:
Provides an onboard operating system and custom hardware designed for high
speed packet filtering, switching, protection, analysis, and reporting
Occupies any I/O slot in the chassis and is hot swappable
Interfaces to the SW8800 high capacity backplane and fully uses the internal
switching capabilities of the system.
Has eight 1G SFP ports on the front panel for switching/routing. In addition,
the eight 1G ports can be used as regular switching ports.
The SW8800 Firewall features include:
Both routed and transparent operation modes
High-efficiency packet filtering, transparent proxy, stateful detection, and
security technology
In-depth statistical analysis functions
A broad range of security protection measures
Multiple intelligent analysis and management to fully protect the enterprise’s
internal network, in addition to protection at the network layer.
Real-time network monitoring methods to help the administrator with network
security management.
Application Specific Packet filter (ASPF) aims at packets at the application layer,
(status-based packets). It works with ordinary static firewalls to implement security
strategies for the internal network. With the ASPF stateful detection technology,
the firewall can monitor the connection process and harmful commands. It
implements packet filtering by working with the ACL. In addition, it supports NAT
and dozens of attack-defend capabilities.