Knowledgebase: Firewall / Security
The difference between IP and Object based firewall
Posted by on 23 January 2012 01:21 PM

Vigor 2700's firewall is ip-rule based firewall, Vigor 2710 & 2820's are object based firewall with CSM.
ip-rule based firewall means if you want to block a PC to access a website, you need a rule like below:
192.168.1.20/32--->x.x.x.x:80, block immediately.
You need to use subnet mask or a lot of rules if you want to make a complicated network control job.

object based firwall means you can define PC(s) as several PC group(s), and define network services as service group(s). then you need several simple rules to combine the PC groups and the service groups.
With the object based firewall, the firewall structure is more clear, whenever you want to change something, for example, add one PC to group1, what you need is adding the PC's IP to the group1, no firewall rule changes needed.

CSM gives you simple method to control some network applications, for example, one click to disable MSN access, VNC access, and etc.

From Mr Draytek of Whirlpool

 

 

(0 vote(s))
Helpful
Not helpful

Comments (0)