Manualshelf

User's Manual Part 2

ManualsBrandsSofaWare Technologies ManualsElectronicsSafe@Office/VPN-1 Edge
919293949596979899100
Using SmartDefense
Chapter 9: Setting Your Security Policy 231
IP and ICMP
This category allows you to enable various IP and ICMP protocol tests, and to
configure various protections against IP and ICMP-related attacks. It includes the
following:
Packet Sanity on page 231
Max Ping Size on page 233
IP Fragments on page 234
Network Quota on page 236
Welchia on page 237
Cisco IOS DOS on page 238
Null Payload on page 240
Packet Sanity
Packet Sanity performs several Layer 3 and Layer 4 sanity checks. These include
verifying packet size, UDP and TCP header lengths, dropping IP options, and
verifying the TCP flags.
You can configure whether logs should be issued for offending packets.