Ethernet Protocol Filters
In addition to the other available bridge
filters, the KarlBridge has the ability to selectively
filter specific packets based upon their Ethernet protocol
type. Specific protocols can be bridged or denied, or
even tunnelled to remote networks when upgraded with the
Bridge-Mode
IP Tunnel option.
Protocol filters are useful in preventing protocols used
in one segment of a network from being bridged to other
subnets that do not use those protocols. This increases
the amount of bandwidth available on your network. For
example, traffic from a subnet using AppleTalk may not
need to be bridged to a segment of the network with Unix
workstations. By denying AppleTalk from being bridged
to the Unix subnet, the Unix subnet is not clogged with
unnecessary traffic.
The KarlBridge's protocol filters are also an excellent
mechanism for increasing network security. If a connection
to the remote network is primarily for Internet access,
the KarlBridge can bridge IP and IP-ARP, but deny LAN
protocols used by Windows NT, Novell, and Macintosh servers.
This protects servers and client systems on the private
local LAN from outside attack using those LAN protocols,
and also prevents private LAN data from being bridged
to the untrusted remote network.
For the utmost in security for networks connected to
the Internet, we recommend including the
Firewall in your KarlBridge or KarlRouter. You can
find examples of how protocol filters can be applied in
your network by visiting the Solutions
section of our Online Library.