Chapter 2 Features and Applications
ISG50 User’s Guide
42
User-Aware Access Control
Set up security policies that restrict access to sensitive information and shared resources based on
the user who is trying to access it.
Figure 16 Applications: User-Aware Access Control
Firewall
The ISG50’s firewall is a stateful inspection firewall. The ISG50 restricts access by screening data
packets against defined access rules. It can also inspect sessions. For example, traffic from one
zone is not allowed unless it is initiated by a computer in another zone first.
Anomaly Detection and Prevention (ADP)
ADP (Anomaly Detection and Prevention) can detect malicious or suspicious packets and respond
instantaneously. It can detect:
• Anomalies based on violations of protocol standards (RFCs – Requests for Comments)
• Abnormal flows such as port scans.
The ISG50’s ADP protects against network-based intrusions. See Section 26.3.4 on page 415 and
Section 26.3.5 on page 418 for more on the kinds of attacks that the ISG50 can protect against.
You can also create your own custom ADP rules.
Bandwidth Management
Bandwidth management allows you to allocate network resources according to defined policies. The
ISG50 applies its QoS and queueing to use this policy-based bandwidth allocation to help your
network to better handle applications such as Internet access, e-mail, Voice-over-IP (VoIP), video
conferencing and other business-critical applications.
