R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
25
NOTE:
• In a security zone, you can configure multiple protected hosts and one
g
lobal connection rate threshold.
• For a host, the host-specific setting overrides the global setting of the security zone in case conflict
occurs.
Configuring UDP flood detection
NOTE:
UDP flood detection is mainly intended to protect servers and is usually configured for an internal zone.
Select Security > Intrusion Detection from the navigation tree and then select the UDP Flood tab to enter
the UDP flood detection configuration page, as shown in Figure 26. Y
ou can select a security zone and
then view and configure UDP flood detection rules for the security zone.
Figure 26 UDP flood detection configuration page
Do the following to configure UDP flood detection:
1. In the Attack Prevention Policy area, specify the protection action to be taken upon detection of a
UDP flood attack. If you do not select the Discard packets when the specified attack is detected
option, the module only collects UDP flood attack statistics.
2. In the UDP Flood Configuration area, view the configured UDP flood detection rules, or click Add
to enter the page shown in Figure 27 to
configure a UDP flood detection rule.