D-Link DFL-M510 User Manual - Page 43

DMZ Bypass, addresses are not checked and all packets from or to those hosts pass unhindered.

Get D-Link DFL-M510 - Network Monitoring Device PDF manuals and user guides
UPC - 790069282478
View all D-Link DFL-M510 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 43 highlights

Information Security Gateway In-Line Bypass Monitor In In-Line mode, the DFL-M510 works as a transparent gateway in your network. All traffic is inspected as it passes through the DFLM510. The DFL-M510 responds to illegal activities based on policy rules. When attacks are detected, the DFL-M510 can take the following action: • Drop the Packet • Reset the Connection • Log the Event • Save the Packet Message Content In Bypass mode, the DFL-M510 works like a bridge with all rules and actions disabled. This mode is designed to help network administrators to debug and trace network abnormalities. When bypass mode is selected, the DFL-M510 will not detect nor take action to security events in the network. Monitor mode allows you to analyze network activities and make early-stage diagnosis before deployment. the DFL-M510 will detect all events by inspecting all packets. In this mode, the DFL-M510 will log all events, but will not take any countermeasure (reset, drop actions). It is suggested to monitor network traffic in this mode before setting In-Line mode, in order to fine tune your security policy and network performance. DMZ BYPASS In order to speed up traffic from the intranet to DMZ, hosts within the given DMZ subnet addresses are not checked and all packets from or to those hosts pass unhindered. Chapter 2: System -- 33

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
Information Security Gateway
Chapter 2: System
--
33
DMZ B
YPASS
In order to speed up traffic from the intranet to DMZ, hosts within the given DMZ subnet
addresses are not checked and all packets from or to those hosts pass unhindered.
In-Line
In
In-Line
mode, the DFL-M510 works as a transparent gateway in
your network. All traffic is inspected as it passes through the DFL-
M510. The DFL-M510 responds to illegal activities based on policy
rules.
When attacks are detected, the DFL-M510 can take the following
action:
Drop the Packet
Reset the Connection
Log the Event
Save the Packet Message Content
Bypass
In
Bypass
mode, the DFL-M510 works like a bridge with all rules
and actions disabled. This mode is designed to help network admin-
istrators to debug and trace network abnormalities.
When bypass mode is selected, the DFL-M510 will not detect nor
take action to security events in the network.
Monitor
Monitor
mode allows you to analyze network activities and make
early-stage diagnosis before deployment. the DFL-M510 will detect
all events by inspecting all packets.
In this mode, the DFL-M510 will log all events, but will not take any
countermeasure (reset, drop actions). It is suggested to monitor net-
work traffic in this mode before setting In-Line mode, in order to fine
tune your security policy and network performance.