Network Relationships
This section describes a multi-networking feature of the NetworkShield Firewall 2006, which enables you to define relationships between networks, and provides instructions on how to configure these relationships.
- Overview
- Network rules
- Network Address Translation (NAT)
- Network Relationships: How to
Network relationships overview
The architecture of NetworkShield Firewall is based on the principle of splitting the entire network into logical objects of Private and Public networks.
A Network object is a logical representation of the physical network topology: a network is attached to a particular network interface (NIC) and is defined as one or more ranges of IP addresses. The IP address ranges of Private networks must not overlap, so every object defined in the system belongs either to exactly one Private network or to all Public networks (everything not covered by a Private range).
Once the network is split into Private and Public networks, you must specify how objects in different networks may interact. Network Relationship rules do that. A Network rule establishes only whether two networks are connected and how (NAT or Route); it does not grant access. To allow traffic from one network to another you must also create Firewall Policy rules, so a connection needs both a matching Network rule and a permitting Firewall Policy rule.
Network rules
Network rules define the relationships between networks. If no Network rule sets a relationship between two networks, all traffic between them is blocked. There are two relationship types: NAT and Route.
NAT
With this relationship type, NetworkShield Firewall replaces the IP address of a client in the source network with its own IP address on the destination network (the address of the adapter connected to that network).
Route
With this relationship type, requests from clients in the source network are forwarded to the destination network unchanged; the original source address is preserved.
To ensure higher security, only Private networks and objects from Private networks (Computers, Computer Sets, IP ranges) can be used as the source of a Network rule. A Public network can never be the source, so no NAT or Route relationship from the public side into a private network can be created.
No Network rule is needed for the Local Host object: when Local Host communicates with objects in other networks, a direct connection is always established.
Order of Network rules
Network rules form an ordered list. To find the rule that determines the relationship between objects in different networks, NetworkShield Firewall scans the list from top to bottom; the first matching rule is used and all later rules are ignored. Because of this, a more specific rule (for example, a Route rule whose source is a single Computer Set) must be placed above a general rule for the whole network, or it will never be reached.
Note
NetworkShield Firewall allows you to set the NAT relationship only for the TCP, UDP and ICMP protocols.
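The rule evaluation described in this section, modelled in Python as an added example (this is not NetworkShield code, and the product exposes no such API): two Private networks and the Public network, an ordered list of Network rules scanned top-down with the first match winning, the restriction of rule sources to Private networks, the Local Host short-circuit, and the TCP/UDP/ICMP limit on NAT rules. The class and function names, the interface names lan0/dmz0/wan0 and all addresses are the example's own. Two behaviours are assumptions the text does not state and are marked as such in the code: traffic within one network is treated as never crossing the firewall, and a NAT rule is treated as not matching protocols other than TCP, UDP and ICMP.

```python
"""Model of Network Relationship lookup, added as an example; not NetworkShield
code.  It follows the text: Private networks are non-overlapping IP ranges on a
NIC, every other address is Public, an ordered rule list is scanned top-down and
the first match decides NAT or Route (no match: blocked), only Private networks
may be rule sources, and Local Host (the firewall's own addresses) always gets a
direct connection.  Names, interface names and addresses are this example's own."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

Addr = ipaddress.IPv4Address
Net = ipaddress.IPv4Network
NAT_PROTOCOLS = {"tcp", "udp", "icmp"}  # the Note: NAT relationships only for these


@dataclass(frozen=True)
class Network:
    name: str
    interface: str                # NIC the network is attached to
    ranges: tuple[Net, ...] = ()  # empty means "all Public networks"
    private: bool = False

    def contains(self, ip: Addr) -> bool:
        return any(ip in r for r in self.ranges)


@dataclass(frozen=True)
class NetworkRule:
    source: Network       # must be a Private network (or an object from one)
    destination: Network
    kind: str             # "NAT" or "Route"


class Firewall:
    def __init__(self, private: list[Network], public: Network,
                 own_addrs: dict[str, Addr], rules: list[NetworkRule]):
        self.private, self.public, self.own_addrs, self.rules = private, public, own_addrs, rules
        seen: list[Net] = []
        for n in private:  # invariant from the text: Private ranges do not overlap
            for r in n.ranges:
                if any(r.overlaps(s) for s in seen):
                    raise ValueError(f"{n.name}: {r} overlaps another Private network")
                seen.append(r)
        for rule in rules:  # only Private sources are allowed in Network rules
            if not rule.source.private:
                raise ValueError(f"rule source {rule.source.name} is not Private")

    def network_of(self, ip: Addr) -> Network:
        """An address is in exactly one Private network, otherwise it is Public."""
        for n in self.private:
            if n.contains(ip):
                return n
        return self.public

    def relationship(self, src: str, dst: str, proto: str = "tcp") -> tuple[str, str]:
        """Return (relationship, source address as seen on the destination network)."""
        src_ip, dst_ip = Addr(src), Addr(dst)
        if src_ip in self.own_addrs.values() or dst_ip in self.own_addrs.values():
            return "direct", src  # Local Host needs no Network rule
        s, d = self.network_of(src_ip), self.network_of(dst_ip)
        if s == d:  # assumption: traffic inside one network never crosses the firewall
            return "same-network", src
        for rule in self.rules:  # ordered list: first match wins, the rest are ignored
            if rule.source != s or rule.destination != d:
                continue
            if rule.kind == "Route":
                return "Route", src  # forwarded without changes
            if proto not in NAT_PROTOCOLS:
                continue  # assumption: a NAT rule does not match other protocols
            # client address replaced by the firewall's address on the destination network
            return "NAT", str(self.own_addrs[d.interface])
        return "blocked", src  # no relationship defined: all traffic blocked


LAN = Network("LAN", "lan0", (Net("192.168.1.0/24"),), private=True)
DMZ = Network("DMZ", "dmz0", (Net("172.16.0.0/24"),), private=True)
INTERNET = Network("Internet", "wan0")  # Public: everything that is not Private
OWN_ADDRS = {"lan0": Addr("192.168.1.1"), "dmz0": Addr("172.16.0.1"),
             "wan0": Addr("198.51.100.2")}  # the firewall's adapters (Local Host)


def example_firewall() -> Firewall:
    """Constructed topology: LAN reaches DMZ routed and the Internet via NAT; DMZ only NAT."""
    return Firewall([LAN, DMZ], INTERNET, OWN_ADDRS, [
        NetworkRule(LAN, DMZ, "Route"),      # LAN sees DMZ with real addresses
        NetworkRule(LAN, INTERNET, "NAT"),   # LAN hides behind 198.51.100.2
        NetworkRule(DMZ, INTERNET, "NAT"),   # no DMZ -> LAN rule: that direction is blocked
    ])


def ordering_matters() -> tuple[str, str]:
    """The same two LAN -> Internet rules in both orders: the first listed one wins."""
    nat, route = NetworkRule(LAN, INTERNET, "NAT"), NetworkRule(LAN, INTERNET, "Route")
    first = Firewall([LAN], INTERNET, OWN_ADDRS, [nat, route])
    second = Firewall([LAN], INTERNET, OWN_ADDRS, [route, nat])
    return (first.relationship("192.168.1.10", "203.0.113.5")[0],
            second.relationship("192.168.1.10", "203.0.113.5")[0])
```

Calling `example_firewall().relationship("172.16.0.20", "192.168.1.10")` returns `blocked` although nothing in Firewall Policy was involved: the DMZ to LAN relationship simply does not exist. That is the distinction the overview draws, a Network rule decides whether two networks are connected at all, and Firewall Policy decides what is permitted across that connection. `ordering_matters()` shows why the list order is part of the security configuration: the same two rules give NAT in one order and Route in the other.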
Network Address Translation (NAT)
NAT is a technology that lets all LAN clients use a single external address to communicate with an external network. It hides the addresses of the internal network and makes it possible to use any number of addresses inside the network, because they do not conflict with the same addresses used in other local area networks worldwide.
With NetworkShield Firewall installed, you need only one external IP address to give the private network a full-featured connection to a public network such as the Internet. Private network clients can access any resource in the public network, while hosts in the public network cannot directly reach private network clients: only replies to connections the clients themselves opened are translated back to them.
When private network clients access resources in the public network through NetworkShield Firewall, their IP addresses are translated: each client address is replaced with the address of the NetworkShield server's network adapter that is connected to the public network.
With the NAT technology in NetworkShield Firewall, no special client configuration is needed for Internet access; it is only necessary to set the NetworkShield Firewall server as the clients' default gateway.
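The translation described above, as an added example in Python (not NetworkShield code): a session table that maps each client connection to the firewall's public-adapter address and a distinct port, forwards only replies to those sessions back into the private network, and drops anything else arriving at the public address. The page states only that client addresses are replaced by the public adapter's address; the per-connection port allocation, the session table and the strict reply check are this example's assumptions (ordinary NAPT behaviour), and all addresses are constructed.

```python
"""Stateful NAT as described above, added as an example; not NetworkShield code.
Private clients share one external address and only replies to connections they
opened come back.  The text says only that the client address is replaced by the
public adapter's address; the per-connection port allocation, the session table
and the strict reply check are this example's assumptions (ordinary NAPT), and
all addresses are constructed."""
from __future__ import annotations

import ipaddress
import itertools
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"; ICMP (also NAT-able per the Note) is left out here
    src: str
    sport: int
    dst: str
    dport: int


class Nat:
    def __init__(self, private_net: str, public_addr: str, first_port: int = 1024):
        self.private_net = ipaddress.ip_network(private_net)
        self.public_addr = public_addr      # address of the adapter on the public network
        self._ports = itertools.count(first_port)
        # (proto, public port) -> (client addr, client port, server addr, server port)
        self.sessions: dict[tuple[str, int], tuple[str, int, str, int]] = {}
        self._by_flow: dict[tuple[str, str, int, str, int], int] = {}

    def outbound(self, pkt: Packet) -> Packet:
        """Private -> public: the client address becomes the public adapter address."""
        if ipaddress.ip_address(pkt.src) not in self.private_net:
            raise ValueError("NAT translates only clients of the private source network")
        flow = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        port = self._by_flow.get(flow)
        if port is None:  # new connection: allocate a distinct public port (assumption)
            port = next(self._ports)
            self._by_flow[flow] = port
            self.sessions[(pkt.proto, port)] = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return replace(pkt, src=self.public_addr, sport=port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Public -> private: forwarded only as the reply to an existing session."""
        if pkt.dst != self.public_addr:
            return None  # private addresses are not reachable from the public side
        entry = self.sessions.get((pkt.proto, pkt.dport))
        if entry is None:
            return None  # unsolicited: no client opened this, so it is dropped
        client, cport, server, sport = entry
        if (pkt.src, pkt.sport) != (server, sport):
            return None  # assumption: only the peer the client spoke to may reply
        return replace(pkt, dst=client, dport=cport)


def demo() -> list[Optional[Packet]]:
    """Two LAN clients reach the same web server; a probe of the public address is dropped."""
    nat = Nat("192.168.1.0/24", "198.51.100.2")
    out1 = nat.outbound(Packet("tcp", "192.168.1.10", 51515, "203.0.113.5", 80))
    out2 = nat.outbound(Packet("tcp", "192.168.1.11", 51515, "203.0.113.5", 80))
    reply = nat.inbound(Packet("tcp", "203.0.113.5", 80, out1.src, out1.sport))
    probe = nat.inbound(Packet("tcp", "203.0.113.99", 4444, "198.51.100.2", 3389))
    return [out1, out2, reply, probe]
```

Both clients use the same local port 51515, which is why the translated port, not just the address, has to differ per connection; the probe to port 3389 on the public address has no session behind it and never reaches the private network, which is the property the text describes as public hosts being unable to access private clients directly.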
When building local area networks, use the private address blocks defined in RFC 1918:
- 10.0.0.0-10.255.255.255 (10.0.0.0/8, a single former class A network)
- 172.16.0.0-172.31.255.255 (172.16.0.0/12, sixteen former class B networks)
- 192.168.0.0-192.168.255.255 (192.168.0.0/16, 256 former class C networks)
These addresses are not routed on the global Internet, so hosts that use them cannot be reached from outside except through the NAT server, which reduces the exposure of your data. This is a property of the addressing only; what traffic is actually permitted is still decided by the Network rules and Firewall Policy rules.