Ethernet Protocol Filters

In addition to the other available bridge filters, the KarlBridge has the ability to selectively filter specific packets based upon their Ethernet protocol type. Specific protocols can be bridged or denied, or even tunnelled to remote networks when upgraded with the Bridge-Mode IP Tunnel option.

Protocol filters are useful in preventing protocols used in one segment of a network from being bridged to other subnets that do not use those protocols. This increases the amount of bandwidth available on your network. For example, traffic from a subnet using AppleTalk may not need to be bridged to a segment of the network with Unix workstations. By denying AppleTalk from being bridged to the Unix subnet, the Unix subnet is not clogged with unnecessary traffic.

The KarlBridge's protocol filters are also an excellent mechanism for increasing network security. If a connection to the remote network is primarily for Internet access, the KarlBridge can bridge IP and IP-ARP, but deny LAN protocols used by Windows NT, Novell, and Macintosh servers. This protects servers and client systems on the private local LAN from outside attack using those LAN protocols, and also prevents private LAN data from being bridged to the untrusted remote network.

For the utmost in security for networks connected to the Internet, we recommend including the Firewall in your KarlBridge or KarlRouter. You can find examples of how protocol filters can be applied in your network by visiting the Solutions section of our Online Library.