R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
17
Figure 19 Add a blacklist entry for Host C
• Enter IP address 192.168.1.5.
• Select the Hold Time option and, in the box next to the option, set the lifetime of the entry to 50
minutes.
• Click Apply to complete the configuration.
# Configure scanning detection for the untrusted zone.
Select Security > Intrusion Detection from the navigation tree and then select the Scanning Detection tab.
Perform the configurations shown in Figure 20.
Figure 20 Configure scanning detection for the untrusted zone
• Select security zone Untrust.
• Select the Enable Scanning Detection option.
• Set the scanning threshold to 4500.
• Select the Add the source IP to the blacklist option.
• Click Apply to complete the configuration.
Configuration verification
After completing the configurations, check that:
• The manually added blacklist entries appear on the blacklist. You can select Security > Intrusion
Detection from the navigation tree and then select the Blacklist tab to display the list.
• The module discards all packets from Host D before you remove the blacklist entry for the host.
• The module discards all packets from Host C within 50 minutes. After 50 minutes, the module
forwards packets from Host C normally.
• Upon detecting a scanning attack from the untrusted zone, the module outputs an alarm log and
adds the IP address to the blacklist. You can select Security > Intrusion Detection from the
navigation tree and then select the Blacklist tab to check the blacklist for the entry.