3Com 3C16772 Data Sheet - Page 2

3COM® OFFICECONNECT® INTERNET FIREWALL DATA SHEET The 3Com OfficeConnect Internet Firewall Family Share Internet access The use of Network Address Translation (NAT) allows multiple LAN users to share a single IP address from an ISP. This means multiple users can access the Internet using any modem or router with an Ethernet connection and low-cost Internet account. 3Com OfficeConnect Internet Firewall family The OfficeConnect Internet Firewall 25 provides Internet security for up to 25 users; and the OfficeConnect Internet Firewall DMZ supports up to 100 users and features a De-Militarized Zone (DMZ) port. This is an additional port for connecting publicly accessible servers such as a web server. The DMZ port is protected from Denial of Service (DoS) hacker attacks, but can be accessed by external Internet users without exposing the network to attack. This functionality is essential for organizations considering e-commerce activity. VPN upgrade Through the purchase of this one-time upgrade, any OfficeConnect Internet Firewall can initiate and terminate up to five simultaneous secure IPsec VPN tunnels. This technology allows straightforward office-to-office or remote access communication over the Internet, saving costs while enhancing productivity. Internet Access Filtering Allows you to deny access to certain web sites or allow access only to those sites you specify. The Internet Firewalls can track the most accessed sites and the top users of bandwidth. They can also log or block access to web sites containing specified keywords in the URL. 3Com OfficeConnect Web Site Filter* This provides Internet Firewalls with extended capabilities to control Internet access. Specify the categories of material and the Web Site Filter provides a list of thousands of controlled sites-and automatically updates it every week. Access to the sites can either be blocked or logged. The Web Site Filter is provided as a 12-month subscription. Both Internet Firewalls come with a free one-month trial. Firewall security, logging, and alerts The firewalls use secure Stateful Packet Inspection technology to deny unauthorized access to the LAN and prevent Denial of Service (DoS) and hacker attacks, including Ping of Death, SYN Flood, LAND Attack, IP Spoofing, Teardrop, and Bonk. Hackers may try to use Java, ActiveX, and Cookie technologies to attack networks, so the Internet Firewalls can either block these applications or allow them only from trusted sites. All events can be logged, and major security concerns can be flagged with an instant and automatic e-mail alert. Typical Configuration Figure 1 shows a typical configuration for the 3Com OfficeConnect Internet Firewall DMZ. The 3Com OfficeConnect Firewall 25 product uses the same configuration but without the DMZ port. iceCon ect MZ Pnrfeorottwemcothrtkahcekers Internet Figure 1 CinIonantpterpronrloespt raicacteess PAu(ecbcglei.csWlsyibelbe Server) 2 *The 3Com OfficeConnect Web Site Filter uses the CyberNOT™ list, which is licensed from The Learning Company. This list is developed and main- tained by the The Learning Company's Cyber Patrol unit.