Manualshelf

HP VPN Firewall Appliances Attack Protection Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
20
3. Configure scanning detection for the untrusted zone:
a. From the navigation tree, select Intrusion Detection > Traffic abnormality > Scanning Detection.
The scanning detection configuration page appears, as shown in Figure 20.
b. Select the security zone Untrust.
c. Selec
t Enable Scanning Detection.
d. Set the scanning threshold to 4500 connection
s per second.
e. Select Add the source IP to the blacklist.
f. Click Apply.
Figure 20 Configuring scanning detection for the untrusted zone
4. Configure connection limits for the trusted zone:
a. From the navigation tree, select Intrusion Detection > Traffic Abnormality > Connection Limit.
The connection limit configuration page appears, as shown in Figure 21.
b. Select the security zone Trust.
c. Selec
t Discard packets when the specified attack is detected.
d. Selec
t Enable connection limit per source IP and set the threshold to 100.
e. Click Apply.
Figure 21 Configuring connection limit for the trusted zone
5. Configure connection limits for the DMZ on the connection limit configuration page:
a. Select the security zone DMZ.
b. Select Discard packets when the specified attack is detected.
c. Select Enable connection limit per dest IP and set the threshold to 10000.
d. Click Apply.