Solved

Firewall Changes - Knock on effects?

Posted on 2011-09-08
1
579 Views
Last Modified: 2012-05-12
Hi All

We have a sonicwall NSA 3500 filewall appliance and we are thinking about enabling the following features.

Enable TCP handshake enforcement
Enable TCP checksum enforcement

Can anybody explain what effect this will have?

(I have a brief idea but i am playing dumb to make sure i havent overlooked anything).

Thanks for any comments.
0
Comment
Question by:ict-torquilclark
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 500 total points
ID: 36501690
Hi,

The TCP Handshake enforcement requires a successful three way handshake for all TCP connections. It prevents DDOS attacks by dropping connections which are incomplete and only allow a connection after three way handshake. The  Enable TCP checksum enforcement  drops a packet If an invalid TCP checksum is calculated. You can also check the below link;

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3768&p=t
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question