R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
34
• After a scanning attack packet is received from zone Untrust, the module should output alarm logs
and add the IP address of the attacker to the blacklist. You can select Security > Intrusion Detection
from the navigation tree and then select the Blacklist tab to view whether the attacker’s IP address
is on the blacklist.
• If a host in zone Trust initiates 100 or more connections, the module should output alarm logs and
discard subsequent connection request packets from the host. You can select the Statistics tab to
view how many times that a connection limit per source IP address has been exceeded and the
number of packets dropped.
• If the number of connections to the server in the DMZ reaches or exceeds 10000, the module
should output alarm logs and discard subsequent connection request packets. You can select the
Statistics tab to view how many times that a connection limit per destination IP address has been
exceeded and the number of packets dropped.
• If a SYN flood attack is initiated to the DMZ, the module should output alarm logs and discard the
attack packets. You can select the Statistics tab to view the number of SYN flood attacks and the
number of packets dropped.