R3166-R3206-HP High-End Firewalls Attack Protection Configuration Guide-6PW101
Contents
Blacklist configuration
  Blacklist overview
  Configuring the blacklist feature
    Enabling the blacklist feature
    Adding a blacklist entry manually
    Viewing the blacklist
  Blacklist configuration example
Packet inspection configuration
  Packet inspection overview
  Configuring packet inspection
  Packet inspection configuration example
Traffic abnormality detection configuration
  Traffic abnormality detection overview
  Configuring traffic abnormality detection
    Configuring ICMP flood detection
    Configuring UDP flood detection
    Configuring SYN flood detection
    Configuring connection limits
    Configuring scanning detection
  Traffic abnormality detection configuration example
URPF Configuration
  URPF overview
    What is URPF
    How URPF works
  Configuring URPF
TCP proxy configuration
  Overview
    SYN flood attack
    TCP proxy
    How TCP proxy works
  Configuring TCP proxy
    Configuration task list
    Performing global TCP proxy setting
    Enabling TCP proxy for a security zone
    Adding a protected IP address entry
    Displaying information about protected IP address entries
  TCP proxy configuration example
  Configuration guidelines
IDS collaboration configuration
  Overview
  Enabling IDS collaboration
  Configuration guidelines
Intrusion detection statistics
  Overview
  Displaying intrusion detection statistics