Page 1 of 1

Overview

PostPosted: Mon Sep 05, 2011 7:37 am
by admin
Advanced Settings in Firewall are also applied to Quota.

Quota page is controlling amount of data flow through single ip, or single connection. This service is useful, especially for database server. Consider if there is an internal hacker, he want to query all customers, sales order record from server through the application in a day. If the server have no protection or limitation, he can query all the data, save or printing out. All data is being stolen without hints. If quota applied, set to allow the amount of data in an hour or day, if over upper limit, Magic Router will reject connection, and send email notification to administrator. Then you can lock the ip to access or any action you can take to protect data.

Ip quota, ip may be a single ip from remote office, the upper limit should set higher to avoid user always being blocked to access.
Connection quota, single connection is access by single user, you can accurately set lower value. Of course you should very clear how much data is always pass through in a single connection. For example, the service port is a streaming server, you should set higher, If it is a database server, you should set lower.

Bytes sent means, max. allowed data in terms of mega bytes, send from client application. Bytes sent from client is always much less than receive.

Bytes Receive means, max. allowed data in terms of mega bytes, receive from true server back to client application. Bytes receive is always higher than sent.

Setting up these 8 values correctly or accurately is not easy, you need to set higher at initial stage To observe the amount of data pass through a ip or connection, click panel control > conns button, you will find there is 2 ByteIn columns. 1 is send, another is receive. Even though setup is hard, but will highly increase the data security.
If you need more information on connections, open dbcstore.mdb, there is a quota table, record the data in or out by time by ip.

If over quota reach, the ip will become black ip stored in either blackip.txt or black ip table.

Page4.JPG