Solved

Firewall Changes - Knock on effects?

Posted on 2011-09-08
1
568 Views
Last Modified: 2012-05-12
Hi All

We have a sonicwall NSA 3500 filewall appliance and we are thinking about enabling the following features.

Enable TCP handshake enforcement
Enable TCP checksum enforcement

Can anybody explain what effect this will have?

(I have a brief idea but i am playing dumb to make sure i havent overlooked anything).

Thanks for any comments.
0
Comment
Question by:ict-torquilclark
1 Comment
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 500 total points
Comment Utility
Hi,

The TCP Handshake enforcement requires a successful three way handshake for all TCP connections. It prevents DDOS attacks by dropping connections which are incomplete and only allow a connection after three way handshake. The  Enable TCP checksum enforcement  drops a packet If an invalid TCP checksum is calculated. You can also check the below link;

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3768&p=t
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now