Ağ
The Network tab provides access to Interfaces (Standalone), Interfaces (Cluster), Firewall, Route Tables, DOS/DDOS Protection, and DNS.
Interfaces (Standalone)
The configurations under the Interfaces tab are explained for non-Cluster single TR7 ASP devices.
- For more details about Interfaces (Standalone) click here.
Interfaces (Cluster)
The configurations under the Interfaces tab are explained for Clustered TR7 ASP devices.
- For more details about Interfaces (Cluster) click here.
Firewall
The TR7 ASP device comes with a built-in Firewall. It is a high-performance, Layer 4 stateful Firewall designed to block Layer 1-5 attacks before they reach Layer 7. The TR7 ASP Firewall primarily.Operates in the following modes:
- Packet Filtering (Based on Packets)
- Rule Based
- Stateful
It can perform actions like Allow, Block, Redirect, SNAT, and DNAT for TCP, UDP, ICMP, UDP-Lite, AH, OSPF protocols at IP, Network, and MAC levels. By default, all protocols and ports are closed, and as new Frontend services are defined, the firewall automatically creates permission rules to facilitate the operation of the respective service.
- For more details about the Firewall click here.
Route Tables
The TR7 ASP Route Table allows for the isolation of network elements (Interfaces, IP Addresses, Redirects, Firewall Rules) in scenarios with multiple predefined network gateways (default gateways). This enables each Route Table to have its unique network gateway definition. Interfaces can be moved to the desired Route Table, transferring their IP addresses and routing definitions to the selected Route Table.
- For more details about Route Tables click here.
DOS/DDOS Protection
DOS and DDOS attacks often lead to partial or complete disruption of services or service interruptions for organizations and businesses. DOS and DDOS protection systems provide active protection against such attacks through multi-layered and dynamic mechanisms. They continually learn and assess network traffic, blocking harmful traffic while allowing harmless traffic, using behavioral modeling.
Basic Types of DDOS Attacks
- Network Level
- Reflective/Amplified
- Fragmentation
- Application Specific
- Crafted
TR7 ASP DOS/DDOS Koruması ile yaygın olarak bilinen ICMP Smurf Attack, SYN Flood, Tear Drop, UDP Flood, NTP Flood, DNS Flood, Zero Byte UDP, Protocol Validation, PUSH Floods and ACK Floods, Possible WAREZ Attack, Camfrog, TCP Ack, Ping of Death ICMP, Null Flood, Christmas Tree, Port Scan, SMBnuke, Pepsi, Fraggle Attack, Zombie TCP ve Smurf Attack saldırılarına karşı koruma sağlanabilmektedir.
The TR7 ASP DOS/DDOS Protection can protect against common attacks such as ICMP Smurf Attack, SYN Flood, Tear Drop, UDP Flood, NTP Flood, DNS Flood, Zero Byte UDP, Protocol Validation, PUSH and ACK Floods, Possible WAREZ Attack, Camfrog, TCP Ack, Ping of Death ICMP, Null Flood, Christmas Tree, Port Scan, SMBnuke, Pepsi,Fraggle Attack, Zombie TCP, and Smurf Attack.
IP addresses detected in attacks are quarantined for cca defined period and can be monitored on the DOS/DDOS Protection Dashboard.
- For more details about DOS/DDOS Protection click here.
DNS
The DNS screen allows for the entry of the IP address of the DNS server to which the TR7 ASP device will connect. Multiple DNS servers can be added. Additionally, virtual host groups can also be defined on this screen.
- For more details about DNS. click here.