Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
26
Figure 29 Select the bidirectional mode and enable TCP proxy for zone Untrust
b. Select Bidirection for the global setting, and click Apply.
c. In the Zone Configuration area, click Enable for the Untrust zone.
3. Add an IP address entry manually for protection:
a. From the navigation tree, select Intrusion Detection > TCP Proxy > Protected IP Configuration.
b. Click Add.
c. Enter 20.0.0.10 in the Protected IP Address field.
d. Click Apply.
Figure 30 Add an IP address entry for protection
e. Configure the SYN flood detection feature, specifying to automatically add protected IP
address entries:
i From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood.
ii In the Attack Prevention Policy area, select Trust from the Security Zone list.
iii Select the Add protected IP entry to TCP Proxy box in the Attack Prevention Policy area.
iv Click Apply.