A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. SD-WAN Orchestrator supports configuration of stateless and stateful firewalls for profiles and edges.

A stateful firewall monitors and tracks the operating state and characteristics of every network connection passing through it and uses this information to determine which network packets to allow. A stateful firewall builds a state table and uses this table to allow only returning traffic from connections currently listed in the state table. After a connection is removed from the state table, no traffic from the external device of this connection is permitted.

The Stateful firewall feature provides the following benefits:
  • Prevent attacks such as denial of service (DoS) and spoofing
  • More robust logging
  • Improved network security
Note: By default, the Stateful Firewall feature is enabled for an enterprise. SD-WAN Orchestrator allows the enterprise user to enable or disable the Stateful Firewall feature at the profile and edge level from the respective Firewall page. To disable the Stateful Firewall feature for an enterprise, contact an Operator with Super User permission.
Note: Asymmetric routing is not supported on edges that have Stateful Firewall enabled.
Note: By default, the Syslog Forwarding feature is disabled for an enterprise. To collect firewall logs originating from enterprise SD-WAN Edges to one or more centralized remote Syslog collectors (Servers), an enterprise user must enable this feature at the enterprise level. For steps on how to configure Syslog collector details per segment in the SD-WAN Orchestrator, see Configure Syslog Settings at Profile Level.
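The state-table behavior described above, and the reason asymmetric routing fails on a stateful edge, can be seen in a small model. This is an added illustration, not SD-WAN Edge code: the class, the `edge-a`/`edge-b` names, the 30-second idle timeout, and the sample addresses are all assumptions constructed for the example.

```python
from dataclasses import dataclass, field

# Simplified model of a stateful firewall's state table (illustrative only;
# not the SD-WAN Edge implementation). The timeout value is an assumption.
IDLE_TIMEOUT = 30.0  # seconds a flow may stay idle before it is removed

@dataclass
class StatefulFirewall:
    name: str
    table: dict = field(default_factory=dict)  # flow 5-tuple -> last-seen time

    def _expire(self, now):
        # Remove flows that have been idle longer than the timeout.
        for flow in [f for f, seen in self.table.items() if now - seen > IDLE_TIMEOUT]:
            del self.table[flow]

    def outbound(self, proto, src, sport, dst, dport, now):
        """Inside host opens or continues a flow: record it and allow."""
        self._expire(now)
        self.table[(proto, src, sport, dst, dport)] = now
        return "ALLOW"

    def inbound(self, proto, src, sport, dst, dport, now):
        """Outside packet is allowed only if it reverses a tracked flow."""
        self._expire(now)
        key = (proto, dst, dport, src, sport)  # the flow this packet would answer
        if key in self.table:
            self.table[key] = now
            return "ALLOW"
        return "DROP"

def demo():
    a, b = StatefulFirewall("edge-a"), StatefulFirewall("edge-b")
    flow = ("tcp", "10.0.0.5", 40000, "203.0.113.10", 443)   # constructed sample
    reply = ("tcp", "203.0.113.10", 443, "10.0.0.5", 40000)  # its return traffic
    results = {}
    a.outbound(*flow, now=0.0)
    results["reply_same_edge"] = a.inbound(*reply, now=1.0)
    results["unsolicited"] = a.inbound("tcp", "198.51.100.7", 5555, "10.0.0.5", 22, now=2.0)
    # Asymmetric return path: edge-b never saw the outbound packet.
    results["reply_other_edge"] = b.inbound(*reply, now=2.0)
    # Same reply after the entry has aged out of edge-a's table.
    results["reply_after_expiry"] = a.inbound(*reply, now=1.0 + IDLE_TIMEOUT + 1)
    return results

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Only the reply that returns through the edge holding the state entry, while that entry is still live, is allowed; the other three cases are dropped.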
To configure firewall settings at the profile and edge level, see: