Firewall > Advanced
To configure advanced access rule options, select Firewall > Advanced under Firewall. The Advanced Rule Options page is displayed.
The Advanced Rule Options page includes the following firewall configuration option groups:
Detection Prevention
- Enable Stealth Mode - By default, the security appliance responds to incoming connection requests as either "blocked" or "open." If you enable Stealth Mode, your security appliance does not respond to blocked inbound connection requests. Stealth Mode makes your security appliance essentially invisible to hackers.
- Randomize IP ID - Select Randomize IP ID to prevent hackers using various detection tools from detecting the presence of a security appliance. IP packets are given random IP IDs, which makes it more difficult for hackers to "fingerprint" the security appliance.
- Decrement IP TTL for forwarded traffic - Time-to-live (TTL) is a value in the IP packet header that tells a router whether the packet has been in the network too long and should be discarded. Select this option to decrease the TTL value of packets the appliance forwards, since forwarded packets have already spent some time in the network.
- Never generate ICMP Time-Exceeded packets - The SonicWALL appliance generates Time-Exceeded packets to report when it has dropped a packet because its TTL value has decreased to zero. Select this option if you don't want the SonicWALL appliance to generate these reporting packets.
Dynamic Ports
- Enable support for Oracle (SQLNet) - Select if you have Oracle applications on your network.
- Enable support for Windows Messenger - Select this option to support the special SIP messaging used by Windows Messenger on Windows XP.
- Enable RTSP Transformations - Select this option to support on-demand delivery of real-time data, such as audio and video. RTSP (Real Time Streaming Protocol) is an application-level protocol for control over delivery of data with real-time properties.
Source Routed Packets
Drop Source Routed Packets is selected by default. Clear the check box if you are testing traffic between two specific hosts and you are using source routing.
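The Detection Prevention options above and the Drop Source Routed Packets option all change what the appliance does with a single inbound packet. The following toy forwarding model is an added illustration, not SonicWALL code: it applies the four options in the order a packet would meet them (source-routing check, access rule with or without Stealth Mode, then TTL decrement and Time-Exceeded generation). The option names follow the page; the packet fields, the allowed-port set and the "refused" / "ICMP Time-Exceeded" reply labels are assumptions made for the example.

```python
"""Toy model of an appliance forwarding path (added example, not vendor code).

Option names follow the SonicWALL Advanced Rule Options page; the packet
structure, the decision vocabulary and the allowed-port set are assumptions.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class Options:
    stealth_mode: bool = False         # Enable Stealth Mode
    decrement_ttl: bool = False        # Decrement IP TTL for forwarded traffic
    never_time_exceeded: bool = False  # Never generate ICMP Time-Exceeded packets
    drop_source_routed: bool = True    # Drop Source Routed Packets (on by default)


@dataclass
class Packet:
    src: str
    dst: str
    dport: int
    ttl: int
    source_routed: bool = False        # carries an IP source-route option


@dataclass
class Decision:
    action: str                        # "FORWARD" or "DROP"
    reply: Optional[str] = None        # what, if anything, goes back to the sender
    ttl_out: Optional[int] = None      # TTL written into the forwarded packet
    log: List[str] = field(default_factory=list)


def process(pkt: Packet, opts: Options, allowed_ports: Set[int]) -> Decision:
    """Decide what happens to one inbound packet under the given options."""
    d = Decision(action="DROP")

    # 1. Source-routed packets are dropped unless the admin cleared the box.
    if pkt.source_routed and opts.drop_source_routed:
        d.log.append("source-routed packet dropped")
        return d

    # 2. Access rule: a blocked request normally gets an explicit refusal,
    #    which tells a scanner that something is listening. In Stealth Mode
    #    the appliance logs the attempt but sends nothing back.
    if pkt.dport not in allowed_ports:
        d.log.append(f"blocked inbound connection to port {pkt.dport}")
        if not opts.stealth_mode:
            d.reply = "refused"
        return d

    # 3. TTL handling for forwarded traffic. Only when the appliance
    #    decrements TTL can it be the hop at which TTL reaches zero, and only
    #    then does the Time-Exceeded option matter.
    ttl = pkt.ttl - 1 if opts.decrement_ttl else pkt.ttl
    if ttl <= 0:
        d.log.append("packet dropped: TTL expired")
        if not opts.never_time_exceeded:
            d.reply = "ICMP Time-Exceeded"
        return d

    d.action = "FORWARD"
    d.ttl_out = ttl
    return d


if __name__ == "__main__":
    # Constructed sample: a blocked port with and without Stealth Mode.
    for stealth in (False, True):
        res = process(Packet("198.51.100.7", "203.0.113.2", 22, 64),
                      Options(stealth_mode=stealth), allowed_ports={80, 443})
        print(f"stealth={stealth}: action={res.action} reply={res.reply}")
```

The two sample runs show the practical difference Stealth Mode makes: the blocked connection is dropped and logged either way, but only with Stealth Mode off does the sender receive a refusal that reveals the appliance.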
Connections
Check Disable Anti-Spyware, Gateway AV and IPS Engine (increases maximum SPI connections) if you want to enable more connections at the expense of the Gateway Anti-Virus and Intrusion Prevention services.
Access Rule Service Options
Force inbound and outbound FTP data connections to use default port 20 - The default configuration allows FTP data connections from port 20 but remaps outbound traffic to a port such as 1024. If the check box is selected, any FTP data connection through the security appliance must come from port 20 or the connection is dropped, and the drop is logged as an event on the security appliance.
IP and UDP Checksum Enforcement
UDP
Enter the number of seconds of idle time you want to allow before UDP connections time out in the Default UDP Connection Timeout (seconds) field. This value is overridden by any UDP connection timeout you set on an individual rule.
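Both the FTP data-port enforcement option and the UDP timeout setting act on the appliance's connection table: one decides whether a new flow is admitted, the other decides when an idle flow is removed. The connection-table model below is an added example, not SonicWALL code. It shows the default UDP timeout applying to a flow whose rule sets no timeout, a per-rule timeout overriding the default, and an FTP data connection being refused when the port-20 option is on. The flow key, the Rule and Flow structures, and the sample addresses are assumptions constructed for the example; rule matching itself is out of scope, so the caller passes in the rule that matched.

```python
"""Toy connection table (added example, not vendor code).

Models two settings from the SonicWALL Advanced Rule Options page:
  - Default UDP Connection Timeout, overridden by a per-rule UDP timeout
  - Force inbound and outbound FTP data connections to use default port 20
The key layout, Rule/Flow structures and sample values are assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

FTP_DATA_PORT = 20

# (src, dst, sport, dport, proto) -- an assumed 5-tuple key
Key = Tuple[str, str, int, int, str]


@dataclass
class Rule:
    name: str
    udp_timeout: Optional[int] = None   # seconds; None means "use the default"


@dataclass
class Flow:
    rule: str
    last_seen: int                      # seconds (monotonic clock, assumed)
    timeout: Optional[int]              # idle timeout; None = not modelled here


@dataclass
class ConnTable:
    default_udp_timeout: int = 30       # Default UDP Connection Timeout (seconds)
    force_ftp_data_port20: bool = False
    flows: Dict[Key, Flow] = field(default_factory=dict)
    log: List[str] = field(default_factory=list)

    def admit(self, key: Key, rule: Rule, now: int, ftp_data: bool = False) -> bool:
        """Add a new flow that matched `rule`; return False if it is dropped."""
        src, dst, sport, dport, proto = key
        # FTP data connections must originate from port 20 when enforced.
        if ftp_data and self.force_ftp_data_port20 and sport != FTP_DATA_PORT:
            self.log.append(f"{now}: FTP data connection {src}:{sport} -> {dst}:{dport} "
                            f"dropped (source port must be {FTP_DATA_PORT})")
            return False
        timeout = None
        if proto == "udp":
            # The per-rule value, when set, overrides the global default.
            timeout = rule.udp_timeout if rule.udp_timeout is not None else self.default_udp_timeout
        self.flows[key] = Flow(rule=rule.name, last_seen=now, timeout=timeout)
        return True

    def touch(self, key: Key, now: int) -> bool:
        """Record traffic on an existing flow; return False if it is unknown."""
        flow = self.flows.get(key)
        if flow is None:
            return False
        flow.last_seen = now
        return True

    def expire(self, now: int) -> List[Key]:
        """Remove flows idle longer than their timeout; return the removed keys."""
        gone = [k for k, f in self.flows.items()
                if f.timeout is not None and now - f.last_seen > f.timeout]
        for k in gone:
            self.log.append(f"{now}: {self.flows[k].rule} flow {k} timed out")
            del self.flows[k]
        return gone


if __name__ == "__main__":
    # Constructed sample: one DNS flow on the default timeout, one SIP flow
    # with a longer per-rule timeout.
    table = ConnTable(default_udp_timeout=30)
    dns = ("10.0.0.5", "192.0.2.53", 40000, 53, "udp")
    sip = ("10.0.0.6", "203.0.113.9", 5060, 5060, "udp")
    table.admit(dns, Rule("dns"), now=0)
    table.admit(sip, Rule("sip", udp_timeout=120), now=0)
    print("expired at t=31:", table.expire(31))    # only the DNS flow
    print("expired at t=121:", table.expire(121))  # now the SIP flow
```

A practitioner auditing timeout settings can reuse the table this way: lower the default, keep the longer per-rule value only on rules that genuinely need it (for example the SIP flow above), and confirm from the log that short-lived UDP flows such as DNS leave the table promptly.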
SonicWALL, Inc. http://www.sonicwall.com 1160 Bordeaux Drive Sunnyvale, CA 94089-1209