WAN hardening is an option that provides additional protection against unsafe connections from remote sites. When WAN hardening is enabled, only traffic arriving from a Silver Peak IPsec tunnels is allowed to enter.When Silver Peak appliances are deployed in Router Mode, you have the option of hardening any WAN–side interface. This means:
n For traffic inbound from the WAN, the appliance only accepts encapsulated traffic arriving from another Silver Peak appliance, via an IPsec tunnel. All other connections are rejected.
n For traffic outbound to the WAN, the appliance only allows IPsec tunnel packets and management traffic.
n Any data from the internet that gets backhauled via a Silver Peak IPSec tunnel will reach its destination at the hardened sites. This allows for integration with other security tools, such as firewalls, at the data center.
n Data sourced directly from the internet, or any other connection that doesn’t flow through a Silver Peak IPsec tunnel, is discarded when it hits the hardened interface. Only data from authenticated Silver Peak IPsec tunnels is allowed to pass across a hardened interface.
n
n On the Configuration > Interfaces page, select or deselect the checkboxin the Hardened Interfaces column.
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |