NVIDIA nForce2 Ultra 400Gb MCP Preview
Former staff writer - February 26, 2004
nForce UDA Package
Block outbound spoofed packets: NVIDIA Professional Firewall can block outbound IP packets if the source address is not an address assigned to the NVIDIA interface. This feature prevents your PC from being used by a hacker (or a Trojan horse) as a zombie machine in attacking other machines. It prevents the system from participating in distributed denial of service (DoS) attacks.
Block spoofed ARP packets: If machine A, on the same physical network as you, wants to intercept traffic between your machine and some other machine B, machine A can send an ARP reply claiming that B’s IP address maps to A’s MAC address. Therefore any traffic your machine tries to send to B will be sent to A instead. This becomes a DoS attack when machine A pretends to be the local router or server, like DHCP. Even worse, A can start sending out fake traffic as if it’s the server it’s spoofing.
Block UDPv4 with no UDP checksum: UDP packets have the option of whether or not to include checksums for its payload. If the checksum is not present, the packet’s checksum field is simply 0. NVIDIA
Firewall Professional can block zero-checksum UDP packets. Normally NVIDIA Firewall only drops UDP packets that have incorrect non-zero checksums but allow zero-checksum packets to pass.
Disallow DHCP server: To prevent someone from hijacking your system to act as a DHCP server, NVIDIA Firewall Professional can block packets to and from the local machine’s DHCP server and DHCPv6 server ports.
Disallow Promiscuous mode: This prevents someone from using your system as a packet-capturing machine on the local network and participating in certain network attacks.
Security is becoming more and more necessary as hackers, crackers, and script kiddies find more interesting ways to break in to our systems. Microsoft has begun to bring the security of their operating systems up a notch with the soon to be released Service Pack 2 for Windows XP. They're also building the next version of Windows, Codename Longhorn, with security in mind.
NVIDIA has taken it upon themselves to integrate a hardware based firewall solution within the Gigabit Ethernet on the nForce2 Ultra 400GB. A hardware based firewall can provide you more advanced features than what a stand-alone software firewall. A hardware firewall can also operate with hardly any impact on the performance of your system, unlike most software based firewalls. You wouldn't believe how many gamers will say that they don't run a firewall because it hurts the performance of their system while gaming.
There are some users who say "I have a router with a built-in firewall or NAT, so I don't need a firewall running on my machine". This is totally not true due to the fact that most all routers do not block "outgoing" traffic. If outgoing traffic is not filtered, then your machine can be used to launch attacks on other web sites or servers, used for spamming other people, and other malicious things if your system was to become infected with a trojan or virus.
The NVIDIA Firewall is a stateful filtering firewall that examines each packet of data that goes in and out of your system, which can also be changed to only filtering incoming or just outgoing traffic.
Unlike software firewalls like ZoneAlarm, Blackice, and Norton Security, the NVIDIA firewall is driver based. Meaning when you boot in to Windows, you're safe from attacks soon as your Ethernet connection is established. Software firewalls do not protect your system until Windows has loaded and the software firewall has started, leaving you open to attacks during that time.
NVIDIA's web-based firewall manager is the most featured packed consumer firewall that I have ever seen. You can configure just about any kind of option that you can imagine. One of my favorite features is the ability to create firewall profiles. For example, if you wanted to host a game of Battlefield Vietnam, create a profile with the ports needed to host the game, then select the profile and you're ready to host the game!
NVIDIA said that they are not going to compete with firewall companies, but rather provide the companies access to their development information so that they may use NVIDIA's firewall driver to tap in to the chipset firewall.
The "Network Access Manager", or NAM is what I like to call it, is where you can go to configure the firewall and see network information. You can get to the NAM (Network Access Manager) by clicking on the icon that will be on your desktop or start menu. After doing so, your default Internet Browser will be launched and will bring you to the NAM screen. I can not possibly show all of the settings that are within the Network Access Manager, but I will show you some of my favorite and most useful features.
This is the main screen of the NAM. From here you can choose what you want to configure or see more information about. At the top of the screen, you have quick access to the main features of the NAM. On the left side there is "expandable" navigation menu's which makes it easy to find what you're looking for. Until you get more familure with the NAM, you could use the navigation in the center of the page because each item offers a description of what can be found if you click on it.
This is the "Ethernet Basic Configuration" screen that allows you to adjust parameters of the firewall driver and define Ethernet settings. The two main features to note on this page is the "Speed Duplex" and "Driver Optimization" settings. You might already be familiar with the "Speed Duplex" setting, that allows you to adjust the "speed" of your Ethernet connection. The driver optimization screen allows you to adjust the NVIDIA firewall driver, to a desired profile. The profile options are: CPU Utilization, Multimedia, Throughput, and custom. For example if you set it to "CPU Utilization" the driver will operate in a way so that it takes up less CPU usage as possible. This is great for gamers or users on our [email protected] Team, to squeeze every bit of performance out of your CPU.