R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101
• Configure destination IP address-based connection limit for the DMZ, and set the number of
connections the server can accommodate to, for example, 10000.
• Configure SYN flood detection for the DMZ, and set the action threshold for attacks targeting the
internal server (for example, to 5000 packets per second) and the silent threshold (for example, to
1000 packets per second). Set the attack protection action to blocking subsequent packets destined
for the server.
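Added example (not from the HP guide): a small Python model of how the two SYN flood thresholds above interact. It assumes that blocking starts when the per-second SYN rate to the server reaches the action threshold and stops once the rate drops below the silent threshold. The class, function names and sample rates are constructed for illustration.

```python
from dataclasses import dataclass

ACTION_THRESHOLD = 5000  # packets per second, the guide's example value
SILENT_THRESHOLD = 1000  # packets per second, the guide's example value


@dataclass
class SynFloodDetector:
    """Two-threshold (hysteresis) model for one protected server IP."""
    action: int = ACTION_THRESHOLD
    silent: int = SILENT_THRESHOLD
    blocking: bool = False

    def __post_init__(self):
        # A silent threshold at or above the action threshold would make
        # the device flap between states on every sample.
        if self.silent >= self.action:
            raise ValueError("silent threshold must be below action threshold")

    def observe(self, syn_pps: int) -> bool:
        """Feed one per-second SYN rate; return True while packets are blocked."""
        if not self.blocking and syn_pps >= self.action:
            self.blocking = True   # assumed: rate reached the action threshold
        elif self.blocking and syn_pps < self.silent:
            self.blocking = False  # assumed: rate fell below the silent threshold
        return self.blocking


def run(rates):
    """Blocking state after each one-second sample."""
    det = SynFloodDetector()
    return [det.observe(r) for r in rates]


def transitions(rates):
    """(second, new_state) for each state change, useful when reading logs."""
    det, out, prev = SynFloodDetector(), [], False
    for second, pps in enumerate(rates):
        now = det.observe(pps)
        if now != prev:
            out.append((second, "blocking" if now else "detecting"))
        prev = now
    return out


# Constructed per-second SYN rates toward the internal server.
SAMPLE_RATES = [800, 4999, 5000, 7200, 3000, 1000, 999, 1200]

if __name__ == "__main__":
    print(transitions(SAMPLE_RATES))
```

The gap between the two thresholds is what keeps protection in place while a flood tapers off: in the sample, 3000 and 1000 pps are still blocked because the rate has not yet fallen below the silent threshold.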
Configuration procedure
# Assign IP addresses to interfaces. (Details not shown.)
# Enable the blacklist feature.
From the navigation tree, select Intrusion Detection > Blacklist. The blacklist management page appears,
as shown in Figure 22.
Figure 22 Enabling the blacklist feature
Perform the following operations on the page:
• In the Global Configuration area, select the Enable Blacklist option.
• Click Apply.
# Configure scanning detection for the untrusted zone.
From the navigation tree, select Intrusion Detection > Traffic abnormality > Scanning Detection. The
scanning detection configuration page appears, as shown in Figure 23.
Figure 23 Configuring scanning detection for the untrusted zone
Perform the following operations on the page: