About the CSX40018 CSX400 and CSX400-DC User’s GuideBridging and Routing Protocol FilteringFiltering is used to allow efficient usage of network resources and provide security for yournetwork and hosts.IP Internet Firewall — The CSX400 supports IP Internet Firewall filtering to preventunauthorized access to your system and network resources from the Internet or a corporateIntranet. Security can be configured to permit or deny IP traffic. The security is established byconfiguring IP access filters, which are based on source IP address, source mask, destination IPaddress, destination mask, protocol type, and application port identifiers for both TransmissionControl Protocol (TCP) and User Datagram Protocol (UDP) protocols. These IP access filtersallow individual IP source and destination pair filtering as well as IP address ranges and wildcarding to match any IP address. These Firewall filters can be defined to allow inbound only,outbound only, or bi-directional IP communication up to the UDP and TCP application port level.Firewall access filters provide a lot of flexibility to establish a powerful IP security barrier. TheCSX400 supports the IP Access Control (from the ctip-mib) Internet Firewall Filter.Bridge Filtering — Bridge filtering allows a network administrator to control the flow of packetsacross the CSX400. Bridge filtering can be used to “deny” or “allow” packets based on a “matchedpattern” using a specified position and hexadecimal content within the packet. This enablesrestricting or forwarding of messages based on address, protocol, or data content. Common usesinclude preventing access to remote networks, controlling unauthorized access to the localnetwork, and limiting unnecessary traffic.The CSX400 supports the following Bridge Filters:• dot1dStatic Filters (IETF RFC1493)• Ethernet Special Filtering Database (from the ctbridge-mib)System PasswordsSystem passwords allow you to control access to the CSX400 by establishing three passwords.Each password provides varying levels of access to the CSX400. The default password for eachaccess level is pre-set to public. If you do not wish to establish a password, press ENTER, thedefault password is automatically selected.The following definitions explain each of the three levels of access:read-only — This access level allows reading of device parameters not including systempasswords.
