User's Manual
Table Of Contents
- CHANGE LOG
- WELCOME
- GATEWAY GXW450X OVERVIEW
- GETTING STARTED
- SYSTEM STATUS
- SYSTEM SETTINGS
- TRUNKS
- PBX SETTINGS
- MAINTENANCE
- CDR (Call DETAIL RECORD)
- EXPERIENCING THE GXW450X SERIES DIGITAL GATEWAY
Page | 49
GXW450X User Manual
Version 1.0.0.6
The following figure shows a configuration example:
• If a host at IP address 192.168.2.5 initiates more than 100 TCP connections to the GXW450X, it will
be added into GXW450X blacklist. This host 192.168.2.5 will be blocked by the GXW450X for 500
seconds.
• Since IP range 192.168.2.10-192.168.2.20 is in whitelist, if a host initiates more than 20 TCP
connections to the GXW450X within 1 minute, it will not be added into GXW450X blacklist. It can still
establish TCP connection with the GXW450X.
Figure 26: Dynamic Defense Configuration
Fail2Ban
Fail2Ban feature on the GXW450X provides intrusion detection and prevention for authentication errors in
SIP INVITE and SUBSCRIBE. Once the entry is detected within "Max Retry Duration", the GXW450X will
act to forbid the host for certain period as defined in "Banned Duration". This feature helps prevent SIP
brute force attacks to the gateway system.