Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
11121314151617181920
ix
Connection limit configuration task list ······················································································································ 367
Creating a connection limit policy ····························································································································· 367
Configuring the connection limit policy ····················································································································· 367
Applying the connection limit policy ·························································································································· 368
Displaying and maintaining connection limiting ······································································································ 368
Connection limit configuration example ···················································································································· 368
Network requirements ········································································································································· 368
Configuration procedure ···································································································································· 369
Verifying the configuration ································································································································· 369
Troubleshooting connection limiting ··························································································································· 370
Connection limit rules with overlapping segments ··························································································· 370
Connection limit rules with overlapping protocol types ·················································································· 370
Configuring Web filtering ······································································································································ 372
Overview ······································································································································································· 372
URL address filtering ··········································································································································· 372
IP address-supported URL address filtering ······································································································· 372
URL parameter filtering ······································································································································· 373
Java blocking ······················································································································································· 373
ActiveX blocking ·················································································································································· 374
Configuring Web filtering ··········································································································································· 374
Configuring URL address filtering ······················································································································ 374
Configuring IP address-supported URL address filtering ················································································· 374
Configuring URL parameter filtering ·················································································································· 375
Configuring Java blocking ································································································································· 375
Configuring ActiveX blocking ···························································································································· 376
Displaying and maintaining Web filtering ················································································································ 376
URL address filtering configuration example ············································································································· 377
URL parameter filtering configuration example ········································································································ 378
Java blocking configuration example ························································································································ 379
Troubleshooting Web filtering ···································································································································· 380
Failed to add filtering entry or suffix keyword due to upper limit ·································································· 380
Invalid characters are present in the configured parameter ··········································································· 381
Invalid use of wildcard ······································································································································· 381
Invalid blocking suffix ········································································································································· 382
ACL configuration failed ····································································································································· 382
Unable to access the HTTP server by IP address······························································································ 383
Configuring attack detection and protection ············································································································· 1
Overview ············································································································································································ 1
Types of network attacks the device can defend against ···················································································· 1
Blacklist function ······················································································································································· 3
Traffic statistics function ··········································································································································· 3
TCP proxy ·································································································································································· 4
Attack detection and protection configuration task list ································································································· 6
Configuring attack protection functions for an interface ······························································································ 7
Creating an attack protection policy ······················································································································ 7
Configuring an attack protection policy ················································································································ 7
Applying an attack protection policy to an interface ························································································ 10
Configuring TCP proxy ·················································································································································· 11
Configuring the blacklist function ································································································································· 11
Enabling traffic statistics on an interface ····················································································································· 12
Displaying and maintaining attack detection and protection ··················································································· 12
Attack detection and protection configuration examples ·························································································· 13
Attack protection functions on interfaces configuration example ····································································· 13