Manualshelf

R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
21222324252627282930
15
Return to Blacklist configuration task list.
Viewing the blacklist
Select Security > Intrusion Detection from the navigation tree and then select the Blacklist tab to enter the
blacklist management page, where you can view the blacklist information, as shown in Figure 14.
Table 7 de
scribes the blacklist fields.
Table 7 Blacklist fields
Item Descri
p
tion
IP Address Blacklisted IP address
Add Method
Type of the blacklist entry, which can be:
Auto: Added by the scanning detection feature automatically.
Manual: Added manually or modified manually.
TIP:
Once modified manually, an auto entry becomes a manual one.
Start Time Time when the blacklist entry is added.
Hold Time Lifetime of the blacklist entry
Dropped Count Number of packets dropped based on the blacklist entry
Return to Blacklist configuration task list.
Blacklist configuration example
Network requirements
As shown in Figure 16, the internal network is the trusted zone and the external network is the untrusted
zone. Configure the LB module so that the module:
Blocks packets from Host D forever. (It is assumed that Host D is an attack source.)
Blocks packets from Host C within 50 minutes, so as to control access of the host.
Performs scanning detection for traffic from the untrusted zone and, upon detecting a scanning
attack, blacklists the source. The scanning threshold is 4500 connections per second.
Figure 16 Network diagram for blacklist configuration