TMS zl Management and Configuration Guide ST.1.1.100226
4-87
Firewall
Application-Level Gateways (ALGs)
The TMS zl Module supports ALGs for several common applications that can
experience difficulties when they run through a firewall. These ALGs help the
applications to run smoothly through the TMS zl Module firewall without
compromising security. For example, some applications open data-transfer
connections dynamically by negotiating IP addresses and service ports. An
ALG lets such an application run when only a single control port is opened. ALGs
also provide other special handling for applications, which you can read about in
the sections below.
Refer to these sections according to your interests:
■ For background information on ALGs, see “ALG Concepts” on page 4-87.
■ To learn more about the specific TMS zl Module ALGs, see “ALG Descriptions” on page 4-90.
■ To learn how to enable and disable ALGs, see “Enable and Disable
Optional Attack Checks” on page 4-110.
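The dynamic negotiation described above, shown for FTP as an added example (not code from this guide or from the TMS zl Module): the code reads control-channel lines, extracts the address and port announced in a PORT command or a 227 reply, and derives the single temporary data-connection rule that the exchange justifies. The function names, the sample addresses, and the policy of rejecting mismatched addresses and ports below 1024 are assumptions of this example.

```python
import ipaddress
import re

# FTP encodes a data endpoint as six decimal octets: h1,h2,h3,h4,p1,p2 (RFC 959).
ENDPOINT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_endpoint(line):
    """Return (ip, port) announced by a PORT command or a 227 reply, else None."""
    text = line.strip()
    if not (text.upper().startswith("PORT ") or text.startswith("227 ")):
        return None
    m = ENDPOINT.search(text)
    octets = [int(x) for x in m.groups()] if m else []
    if not octets or any(o > 255 for o in octets):
        return None
    ip = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    return ip, octets[4] * 256 + octets[5]


def pinhole_for(line, client_ip, server_ip):
    """Return the temporary data-connection rule one control line justifies.
    Assumed policy of this example: the announced address must belong to the
    host that sent the line and the port must be unprivileged, else None."""
    endpoint = parse_endpoint(line)
    if endpoint is None:
        return None
    ip, port = endpoint
    active = line.strip().upper().startswith("PORT ")
    # Active mode: the client announces its own listener; passive: the server does.
    advertiser = ipaddress.IPv4Address(client_ip if active else server_ip)
    initiator = ipaddress.IPv4Address(server_ip if active else client_ip)
    if ip != advertiser or port < 1024:
        return None
    return {"src": str(initiator), "dst": str(ip), "dport": port, "proto": "tcp"}


# Constructed control-channel lines (documentation addresses, not captured traffic).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLES = [
    "PORT 192,0,2,10,195,80",                           # active mode, port 50000
    "227 Entering Passive Mode (198,51,100,5,234,96)",  # passive mode, port 60000
    "PORT 203,0,113,7,195,80",                          # address is not the client
    "PORT 192,0,2,10,0,22",                             # privileged port
]
if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", pinhole_for(sample, CLIENT, SERVER))
```

Only the control port has to be permitted by a static rule; each data connection is admitted by a rule scoped to one source, one destination and one port.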
ALG Concepts
Table 4-12 shows the ALGs supported by the TMS zl Module. The FTP ALG is
enabled by default; all other ALGs are disabled by default. In addition to listing
the ALGs by name, the table provides this information for each ALG:
■ Control port
See “Control Port” on page 4-88 for an explanation of why you need to
know about the control port.
■ ALG type
See “ALG Types” on page 4-89 for an explanation of the types of support
provided by ALGs.