Solved

Firewall Changes - Knock on effects?

Posted on 2011-09-08
1
578 Views
Last Modified: 2012-05-12
Hi All

We have a sonicwall NSA 3500 filewall appliance and we are thinking about enabling the following features.

Enable TCP handshake enforcement
Enable TCP checksum enforcement

Can anybody explain what effect this will have?

(I have a brief idea but i am playing dumb to make sure i havent overlooked anything).

Thanks for any comments.
0
Comment
Question by:ict-torquilclark
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
Kamran Arshad earned 500 total points
ID: 36501690
Hi,

The TCP Handshake enforcement requires a successful three way handshake for all TCP connections. It prevents DDOS attacks by dropping connections which are incomplete and only allow a connection after three way handshake. The  Enable TCP checksum enforcement  drops a packet If an invalid TCP checksum is calculated. You can also check the below link;

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3768&p=t
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question