HP 7100/7200 IPsec dl Module : R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101 : Page 3

i

Contents

Zone configuration ······················································································································································· 1

Configuring a zone ··························································································································································· 2

Configuration task list ·············································································································································· 2

Creating a zone ······················································································································································· 2

Configuring a zone member ··································································································································· 3

Zone configuration example ············································································································································ 4

Virtual fragment reassembly ········································································································································ 9

Virtual fragment reassembly overview ···························································································································· 9

Configuring virtual fragment reassembly ························································································································ 9

Virtual fragment reassembly configuration example ·································································································· 10

Configuration guidelines ··············································································································································· 12

Blacklist configuration ················································································································································ 13

Overview ········································································································································································· 13

Configuring the blacklist ················································································································································ 13

Configuration task list ··········································································································································· 13

Enabling the blacklist function ····························································································································· 14

Adding a blacklist entry manually ······················································································································· 14

Viewing the blacklist ············································································································································· 15

Blacklist configuration example ···································································································································· 15

Packet inspection configuration ································································································································ 18

Overview ········································································································································································· 18

Configuring packet inspection ······································································································································ 19

Packet inspection configuration example ···················································································································· 20

Traffic abnormality detection configuration ············································································································· 22

Overview ········································································································································································· 22

Flood detection ······················································································································································ 22

Connection limit ····················································································································································· 23

Scanning detection ················································································································································ 23

Configuring traffic abnormality detection ···················································································································· 23

Configuring ICMP flood detection ······················································································································· 23

Configuring UDP flood detection ························································································································· 25

Configuring SYN flood detection ························································································································ 26

Configuring connection limit ································································································································ 28

Configuring scanning detection ··························································································································· 29

Traffic abnormality detection configuration example ································································································· 30

Intrusion detection statistics ······································································································································· 35

Overview ········································································································································································· 35

Displaying intrusion detection statistics ························································································································ 35

TCP proxy configuration ············································································································································ 38

Overview ········································································································································································· 38

Introduction to SYN flood attack ·························································································································· 38

Introduction to TCP proxy ····································································································································· 38

How TCP proxy works ·········································································································································· 39

Configuring TCP proxy ·················································································································································· 40

Configuration task list ··········································································································································· 40

Performing global TCP proxy setting ··················································································································· 41