HP VPN Firewall Appliances Attack Protection Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

16

Figure 15 Adding a SYN flood detection rule

5. Configure a SYN flood detection rule, as described in Table 6.

6. Click Apply.

Table 6 Configuration items

Item

Descri

p

tion

Protected Host

Configuration

IP Address

Specify the IP address of the protected

host.

By default, the silent

threshold is three quarters

of the action threshold

that is 1000 packets per

second.

Action

Threshold

Set the protection action threshold for SYN

flood attacks that target the protected host.

If the sending rate of SYN packets

destined for the specified IP address

constantly reaches or exceeds this

threshold, the device enters the attack

protection state and takes attack

protection actions as configured.

Silent

Threshold

Set the silent threshold for actions that

protect against SYN flood attacks

targeting the protected host.

If the sending rate of SYN packets

destined for the specified IP address drops

below this threshold, the device returns to

the attack detection state and stops the

protection actions.

Global

Configuration of

Security Zone

Action

Threshold

Set the protection action threshold for SYN

flood attacks that target a host in the

protected security zone.

If the sending rate of SYN packets

destined for a host in the security zone

constantly reaches or exceeds this

threshold, the device enters the attack

protection state and takes attack

protection actions as configured.

By default, the silent

threshold is three quarters

of the action threshold

that is 1000 packets per

second.