R3166-R3206-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

4. Assign interface GigabitEthernet 0/2 to the untrusted zone.
# Enable SYN Flood detection.
1. From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood.
2. Select DMZ from the Security Zone dropdown list.
3. In the Attack Prevention Policy section, select the Discard packets when the specified attack is detected option.
4. Click Apply.
5. In the SYN Flood Configuration section, click Add.
6. On the page that appears, select the Protected Host Configuration option.
7. Configure the IP address as 10.110.1.1.
8. Set Connection Rate Threshold to 5000 connections per second.
9. Set Half Connection Count Threshold to 6000 per second.
10. Click Apply to complete the configuration.
Configuration verification
After this configuration, the firewall outputs an alarm log when it detects a SYN Flood attack on Server A and blocks all subsequent SYN packets to the server.
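
To see how the two thresholds from steps 8 and 9 behave before relying on them, the following Python model replays constructed traffic against them. It is an added example, not HP's code or the firewall's actual algorithm. Assumptions: the names SynFloodModel and replay and the 198.51.100.x sources are made up for illustration, the half connection threshold is read as the number of outstanding half-open connections, and blocking is never lifted.

```python
from collections import defaultdict

# Values from the configuration steps above.
PROTECTED_HOST = "10.110.1.1"
RATE_THRESHOLD = 5000       # new connections (SYNs) per second
HALF_OPEN_THRESHOLD = 6000  # assumed to mean outstanding half-open connections

class SynFloodModel:
    """Simplified model of per-host SYN flood detection (assumption, not vendor logic)."""

    def __init__(self):
        self.syn_per_second = defaultdict(int)
        self.half_open = set()   # (src, sport) pairs that sent SYN but no ACK/RST yet
        self.alarms = []         # (timestamp, reason)
        self.blocking = False

    def packet(self, ts, src, sport, dst, flag):
        """Return 'forward' or 'discard' for one client-to-server packet."""
        if dst != PROTECTED_HOST:
            return "forward"
        if flag == "SYN":
            if self.blocking:    # "Discard packets" action after detection
                return "discard"
            self.syn_per_second[int(ts)] += 1
            self.half_open.add((src, sport))
            if self.syn_per_second[int(ts)] > RATE_THRESHOLD:
                self._alarm(ts, "connection rate")
            elif len(self.half_open) > HALF_OPEN_THRESHOLD:
                self._alarm(ts, "half-open count")
        elif flag in ("ACK", "RST"):
            self.half_open.discard((src, sport))
        return "forward"

    def _alarm(self, ts, reason):
        self.alarms.append((ts, reason))
        self.blocking = True

def replay(syns_per_second, seconds, complete_handshake):
    """Feed constructed traffic to the model; return (alarm reasons, discarded SYNs)."""
    model, discarded, n = SynFloodModel(), 0, 0
    for sec in range(seconds):
        for i in range(syns_per_second):
            ts = sec + i / syns_per_second
            src, sport = f"198.51.100.{n % 254 + 1}", 1024 + n // 254
            n += 1
            if model.packet(ts, src, sport, PROTECTED_HOST, "SYN") == "discard":
                discarded += 1
            elif complete_handshake:
                model.packet(ts, src, sport, PROTECTED_HOST, "ACK")
    return [reason for _, reason in model.alarms], discarded
```

Calling replay(1000, 7, False) shows the case the rate threshold alone misses: the SYN rate stays well under 5000 per second, yet the half-open count crosses 6000 in the seventh second and the alarm fires.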