The module "Filters" facilitates the filtering of network traffic. Filtering is based on the direction, Source and Destination MAC Addresses, IP Addresses and TCP/UDP Port numbers as well as the Ethernet Header Protocol and IP Protocol. It enables you to specify exactly which type of network traffic is allowed to enter or leave a particular Network Interface Card.
The picture below shows an example of a company's network. Using the module Filters,
access to the various servers, (both located on the Local Area Network and the internet)
has been made possible only from particular workstations. For example, the servers
that are used by the 'Salary Administration' are accessible only from PC1, PC2 and
PC3.
Another application example (which is typically usefull for home usage) of the module Filters is
shown below. Two neighbours share a single broadband Internet Connection
and router. All computers
on either of the neighbours' networks have access to the internet. However, access
from any computer on either of the networks to any computer on the other network is not
possible by any means.
When applying the module 'Internet Access - Outbound Load Balancing' (described
further on) also, this application example can be extended to connecting both networks
to the internet by means of multiple internet connections simultaneously.
The Graphical User Interface of the module Filters enables you the specify hierarchically which filters have to be applied to the network traffic that enters or leaves a
particular Network Interface Card.
Custom-defined ranges can be set up for the various network packet properties at relating levels in the tree.
This lets you build a filters tree structure that meets your requirements with respect to the specification of the types of network traffic being allowed in each direction.
|