6.1. Understanding Zorp policies

This section provides an overview of how Zorp handles incoming connections, and of the role and purpose of the different Zorp components.

Zorp firewall rules permit and examine connections between the source and the destination of the connection. When a client tries to connect to a server, Zorp receives the connection request and looks for a firewall rule that matches the parameters of the request: the client's address, the target port, the server's address, and other parameters of the connection. The matching rule selects a service to handle the connection. The service determines what happens with the connection, including the following:

  • the Transport-layer protocol permitted in the traffic, for example, TCP or UDP

  • the proxy that handles the connection

    The proxy class started by the service determines the application-level protocol permitted in the traffic. Zorp uses proxy classes to verify the type of traffic in the connection, and to ensure that the traffic conforms to the requirements of that protocol; for example, downloading a web page must conform to the HTTP standards.

  • the address of the destination server

    Zorp determines the IP address of the destination server using a router. Routers can also modify the target address if needed.

  • the content of the traffic

    Zorp can modify protocol elements, and perform content vectoring. See Chapter 14, Virus and content filtering using ZCV for details.

  • how to connect to the server

    For non-transparent connections, Zorp can connect to a backup server if the original server is unreachable, or perform load balancing between the members of a server cluster.

  • who can access the service

    Zorp can authenticate and authorize the client to verify the client's identity and privileges. See Chapter 15, Connection authentication and authorization for details.

The operations and policies configured in the service definition are performed by a Zorp instance.
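The following policy file ties the components above together: a rule that matches the client, destination and port, the service it selects, the proxy class that enforces the application-level protocol, the router that sets the destination address, and the chainer that decides how to reach the server. It is an added example written against Zorp's Python policy API (Rule, Service, Zone, HttpProxy, TransparentRouter, DirectedRouter, FailoverChainer, SockAddrInet), not a configuration taken from this guide; the zone names, service names, addresses and the restricted request-method list are placeholders chosen for illustration. The file is loaded by a Zorp instance as its policy, it is not run on its own.

```python
# Illustrative Zorp policy.py (added example, not from the guide).
# Assumed: Zorp's Python policy API (Rule, Service, Zone, HttpProxy,
# TransparentRouter, DirectedRouter, FailoverChainer, SockAddrInet).
# Zone names, addresses, ports and service names are placeholders.
from Zorp.Core import *
from Zorp.Http import *


# Derived proxy class: the service starts this instead of the stock
# HttpProxy, so only the listed request methods are accepted; any
# other method is rejected at the protocol level even though the
# firewall rule matched the connection.
class RestrictedHttpProxy(HttpProxy):
    def config(self):
        HttpProxy.config(self)
        self.request["*"] = (HTTP_REQ_REJECT,)
        self.request["GET"] = (HTTP_REQ_ACCEPT,)
        self.request["HEAD"] = (HTTP_REQ_ACCEPT,)
        self.request["POST"] = (HTTP_REQ_ACCEPT,)


# Zones group client and server addresses; rules match on them.
Zone(name="intranet", addrs=["10.0.0.0/8"])
Zone(name="internet", addrs=["0.0.0.0/0"])


def default():
    # Transparent service: the router keeps the destination address the
    # client originally asked for, so the client needs no proxy settings
    # and the proxy class only verifies and filters the HTTP traffic.
    Service(name="intra_http",
            proxy_class=RestrictedHttpProxy,
            router=TransparentRouter())

    # Non-transparent service: the router replaces the destination with
    # a fixed list of backend addresses and the chainer connects to them
    # in order, falling over to the second if the first is unreachable.
    Service(name="dmz_web",
            proxy_class=HttpProxy,
            router=DirectedRouter(dest_addr=[SockAddrInet("192.0.2.10", 8080),
                                             SockAddrInet("192.0.2.11", 8080)]),
            chainer=FailoverChainer())

    # Rules match the parameters of the connection request (here the
    # source zone, destination zone or subnet, TCP port 80 with proto=6
    # for TCP) and name the service that handles the connection.
    Rule(src_zone="intranet", dst_zone="internet", dst_port=80, proto=6,
         service="intra_http")
    Rule(src_zone="internet", dst_subnet="203.0.113.5/32", dst_port=80, proto=6,
         service="dmz_web")
```

The check a practitioner wants here is that the rule only decides which service runs; what the service actually lets through is governed by the proxy class. With the restricted class above, a rule-matching connection that sends a DELETE request is still rejected by the proxy, which is the difference between a packet filter and an application-level gateway that this section describes.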