Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
ii
Displaying information about protected IP address entries ·············································································· 34
TCP proxy configuration example ································································································································ 35
Configuration guidelines ··············································································································································· 37
Configuring IDS collaboration ·································································································································· 38
Feature and hardware compatibility ···························································································································· 38
Overview ········································································································································································· 38
Enabling IDS collaboration ··········································································································································· 38
Configuration guidelines ··············································································································································· 39
Displaying intrusion detection statistics ···················································································································· 40
Overview ········································································································································································· 40
Configuration procedure ··············································································································································· 40
Configuring ARP attack protection ···························································································································· 43
Configuring periodic sending of gratuitous ARP packet ···························································································· 43
Introduction ···························································································································································· 43
Configuring periodic sending of gratuitous ARP packet in the web interface ················································ 44
Configuring periodic sending of gratuitous ARP packet at the CLI ·································································· 45
Configuring ARP automatic scanning and fixed ARP ································································································· 46
Introduction ···························································································································································· 46
Configuring ARP automatic scanning in the web interface ·············································································· 47
Configuring fixed ARP in the web interface ······································································································· 48
Configuring ARP automatic scanning and fixed ARP at the CLI ······································································· 49
Configuring TCP attack protection ···························································································································· 50
Overview ········································································································································································· 50
Enabling the SYN Cookie feature ································································································································ 50
Enabling protection against Naptha attacks ··············································································································· 51
Displaying and maintaining TCP attack protection ···································································································· 51
Configuring firewall ··················································································································································· 52
Overview ········································································································································································· 52
Configuring a packet-filter firewall ······························································································································· 52
Packet-filter firewall configuration task list ·········································································································· 52
Enabling the IPv6 firewall function ······················································································································ 53
Configuring the default filtering action of the IPv6 firewall ·············································································· 53
Configuring IPv6 packet filtering on an interface ······························································································ 53
Displaying and maintaining a packet filtering firewall ····················································································· 54
Configuring content filtering ······································································································································ 55
Overview ········································································································································································· 55
HTTP packet content filtering ································································································································ 55
SMTP packet content filtering ······························································································································· 56
POP3 packet content filtering ······························································································································· 56
FTP packet content filtering ··································································································································· 56
Telnet packet content filtering······························································································································· 57
Configuring content filtering ········································································································································· 57
Configuration guide ·············································································································································· 57
Configuring keyword filtering entries ·················································································································· 59
Configuring URL hostname filtering entries ········································································································· 61
Configuring filename filtering entries ·················································································································· 61
Configuring email address filtering entries ········································································································· 63
Configuring URL parameter filtering keywords ·································································································· 63
Configuring java blocking keywords ·················································································································· 64
Configuring ActiveX blocking keywords ············································································································· 65
Configuring an HTTP filtering policy ··················································································································· 66