Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
21222324252627282930
20
Figure 19 Enabling the blacklist feature
3. Configure scanning detection for the untrusted zone:
a. From the navigation tree, select Intrusion Detection > Traffic abnormality > Scanning Detection.
The scanning detection configuration page appears, as shown in
280HFigure 20.
b. Select the security zone Untrust.
c. Select Enable Scanning Detection.
d. Set the scanning threshold to 4500 connections per second.
e. Select Add the source IP to the blacklist.
f. Click Apply.
Figure 20 Configuring scanning detection for the untrusted zone
4. Configure connection limits for the trusted zone:
a. From the navigation tree, select Intrusion Detection > Traffic Abnormality > Connection Limit.
The connection limit configuration page appears, as shown in
281HFigure 21.
b. Select the security zone Trust.
c. Select Discard packets when the specified attack is detected.
d. Select Enable connection limit per source IP and set the threshold to 100.
e. Click Apply.