User manual

 16‐PortGigabitEthernetPoE+Web‐ManagedSwitchwith2SFPPorts

37



6.5.1.2 DoS

Adenial‐of‐service(DoS)attackisanattempttomakeamachineornetworkresourceunavailabletoitsintendedusers

suchastotemporarilyorindefinitelyinterruptorsuspendservicesofahostconnectedtotheInternet.TheIntellinet

switchhasintegratedmechanismstocounterpossibleDoSattackssuchaslandattacksorillegalTCP/IPpackets.There

areconfigurationoptions.Yousimplyactivateordeactivatethisfeature.



6.5.1.3 IPSourceGuard

IPSourceGuardisasecurityfeaturethatrestrictsIPtrafficonuntrustedLayer2portsbyfilteringtrafficbasedonthe

DHCPsnoopingbindingtable(seesection6.5.1.1)ormanuallyconfiguredIPsourcebindings.Equippedwiththisfeature,

theIntellinetswitchhelpspreventIPspoofingattacks.AnIPspoofingattackiswhenahosttriestospoof(fake)anduse

theIPaddressofanotherhostinordertointercepttrafficboundforthathost.

IfyouenableIPSourceGuardforaportinitially,allIPtrafficontheprotectedportisblockedexceptforDHCPpackets.

AfteraclientreceivesanIPaddressfromtheDHCPserveralltrafficwiththatIPsourceaddressispermittedfromthat

client.InsteadofaDHCPserver,it'spossibletoprovidestaticIPsourcebinding,whichiscalled“newsecurityport”on

theIntellinetswitchwebadminUI.



Item Description

PleaseselecttheIPsourceto

protecttheport:

Selecttheport(orports)thatyouwishtoprotectbyIPSourceGuard.The

exampleaboveshowsthatIPSourceGuardisenabledforport14.Note

thatIPSourceGuardisn’tsupportedonTrunkoraggregatedports.



