SunScreen 3.1 Lite is a stateful, packet-filtering firewall that has a subset of the features in SunScreen 3.1. It protects individual servers and small work groups.
SunScreen 3.1 Lite supports the following SunScreen3.1 features. A SunScreen 3.1 Lite firewall:
Can do basic packet filtering.
Can administer a Screen from a remote Administration Station.
Can be used for centrally managed secondary machines.
Uses SunScreen SKIP (Simple Key-Management for Internet Protocols) for encryption, which is included as part of SunScreen 3.1 Lite and is automatically installed.
SunScreen 3.1 Lite does not support the following SunScreen features. A SunScreen 3.1 Lite firewall:
Cannot create and cannot be made the primary Screen in a centrally managed group.
Cannot support more than two interfaces; the filtering mechanisms ignore any other interfaces.
Cannot support more than ten unregistered IP addresses that can be translated to a registered address using network address translation (NAT); it is limited to two NAT rules.
Ignores the time-of-day field. It makes all rules active while that policy is active.
Does not support and cannot create the ADMIN, HA, or STEALTH interfaces.