Manualshelf

HP VPN Firewall Appliances Attack Protection Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
21
Figure 22 Configuring connection limit for the DMZ
6. Configure SYN flood detection for the DMZ:
a. From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood.
The SYN flood detection confirmation page appears, as shown in Figure 23.
b. Select the security zone DMZ.
c. In the Attack Prevention
Policy area, select Discard packets when the specified attack is
detected.
d. Clic
k Apply.
Figure 23 Configuring SYN flood detection for the DMZ
e. In the SYN Flood Configuration area, click Add.
f. The SYN flood attack detection page appears, as shown in Figure 24.
g. Select Protected Host Configuration. Enter the IP address 10.1.1.2. Set the acti
on threshold to
5000 packets per second and the silent threshold to 1000 packets per second.
h. Click Apply.