F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100
21
Figure 21 Configuring connection limit for the trusted zone
5. Configure connection limits for the DMZ on the connection limit configuration page:
a. Select the security zone DMZ.
b. Select Discard packets when the specified attack is detected.
c. Select Enable connection limit per dest IP and set the threshold to 10000.
d. Click Apply.
Figure 22 Configuring connection limit for the DMZ
6. Configure SYN flood detection for the DMZ:
a. From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood.
The SYN flood detection confirmation page appears, as shown in
282HFigure 23.
b. Select the security zone DMZ.
c. In the Attack Prevention Policy area, select Discard packets when the specified attack is
detected.
d. Click Apply.
Figure 23 Configuring SYN flood detection for the DMZ