Stateful Firewall and NAT Support 编辑

This feature provides a firewall built into the SD-WAN application. The firewall allows policies between services and zones, and supports Static NAT, Dynamic NAT (PAT), and Dynamic NAT with Port Forwarding. More firewall capabilities include:

  • Provide security for user traffic within SD-WAN network (Enterprise and Service Providers)
  • (Potential) Reduction of External Equipment (Enterprise and Service Providers)
  • Using the same IP address space for Multiple customers: NAT Capability (Service Providers)
  • Apply multiple firewalls from a global perspective (Service Providers)
  • Filtering traffic flows between Zones
  • Filtering traffic between services within a Zone
  • Filtering traffic between services that reside in different Zones
  • Filtering traffic between services at a site
  • Defining Filter Policies to Allow, Deny, or Reject flows
  • Tracking flow state for selected flows
  • Applying Global Policy Templates
  • Support for Port Address Translation for traffic to the Internet on an untrusted port, as well as port forwarding inbound and outbound
  • Provide Static Network Address Translation (Static NAT)
  • Provide Dynamic Network Address Translation (Dynamic NAT)
  • Port Address Translation (PAT)
  • Port-Forwarding

To simplify the configuration process, firewall Policies are created at the Global Configuration level. This Global configuration consists of Pre-Appliance and Post-Appliance site Policy Templates that can be applied to all sites within the SD-WAN network.

Note

It is not recommended to use firewall in Fail-to-Wire inline mode due to security reasons.

Global-policy templates

localized image

Pre-policy template

localized image

Post-policy template

localized image

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:99 次

字数:2325

最后编辑:6 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文