F3215-HP Load Balancing Module Security Configuration Guide-6PW101

188

Figure 89 Configuring scanning detection for the untrusted zone

4. Configure connection limits for the trusted zone:

a. From the navigation tree, select Security > Intrusion Detection > Connection Limit.

The connection limit configuration page appears, as shown in Figure 90.

b. Select the security zone Trust.

c. Select Discard packets when the specified attack is detected.

d. Select Enable connection limit per source IP and set the threshold to 100.

e. Click Apply.

Figure 90 Configuring connection limit for the trusted zone

5. Configure connection limits for the DMZ on the connection limit configuration page:

a. Select the security zone DMZ.

b. Select Discard packets when the specified attack is detected.

c. Select Enable connection limit per dest IP and set the threshold to 10000.

d. Click Apply.

Figure 91 Configuring connection limit for the DMZ

6. Configure SYN flood detection for the DMZ:

a. From the navigation tree, select Security > Intrusion Detection > SYN Flood.

The SYN flood detection confirmation page appears, as shown in Figure 92.

b. Select the security zone DMZ.