Manualshelf

Instruction manual

ManualsBrandsCitrix Systems ManualsSwitch9000 Series
11121314151617181920
Chapter 1: Introduction to the NetScaler 9000 Series
1-12 NetScaler 9000 Series Installation and Configuration Guide - Volume 1
NSICG60_JAN05
system identifies legitimate clients and elevates their priority, leaving suspect
clients unable to consume resources at a rate that would otherwise cripple a
site.
The NetScaler 9000 system provides application-level protection from other
malicious attacks including SYN flood attacks, pipeline, teardop, land,
fraggle, and zombie connection attacks. The NetScaler 9000 system
aggressively defends against these types of attacks by preventing the
allocation of server resources for these connections. This insulates servers
from the overwhelming flood of packets associated with these events.The
NetScaler 9000 system also protects network resources from ICMP based
attacks by using a variety of intelligent mechanisms such as ICMP rate
limiting and aggressive ICMP packet inspection.
The NetScaler 9000 system also performs strong IP reassembly, drops a
variety of suspicious and malformed packets, and applies Access Control
Lists (ACLs) to site traffic for further protection.
1.5.2.4 Content Filtering
Content filtering provides protection from malicious attacks for web sites at
the layer 7 level. The NetScaler 9000 system inspects every incoming request
according to user-configured rules, which are based on HTTP headers. The
NetScaler 9000 system then performs the corresponding action to each rule as
configured by the user. Actions may include resetting the connection,
dropping the requests or sending an error message. This allows the system to
screen unwanted requests from the protected server and reduce the exposure
of the server to potential attacks.
The NetScaler 9000 system's content filtering feature can also be used to
shield against intrusion attempts by analyzing HTTP GET and POST requests
and filtering out known bad signatures. This mechanism can be used to defend
against HTTP-based attacks such as variants of Nimda and Code Red virus.
1.5.2.5 Surge Protection
During peak traffic periods, the NetScaler 9000 system maintains the capacity
of a server or cache by regulating the flow of user requests to servers and
controlling the number of users that can simultaneously access them. By
controlling the rate at which connections are established, the NetScaler 9000
system blocks the surge from being passed to the server and prevents the site
from becoming overloaded. User requests that arrive after the server has
reached its configured capacity are queued at the NetScaler 9000 until