Configuring udp flood detection, Table 5 – H3C Technologies H3C SecPath F1000-E User Manual

Page 21

Advertising
background image

13

Table 5 Configuration items

Item

Description

Protected Host
Configuration

IP Address

Specify the IP address of the protected host.

Action Threshold

Set the protection action threshold for ICMP flood attacks that
target the protected host.
If the sending rate of ICMP packets destined for the specified IP

address constantly reaches or exceeds this threshold, the firewall
enters the attack protection state and takes attack protection

actions as configured.

Silent Threshold

Set the silent threshold for actions that protect against ICMP flood
attacks targeting the protected host.
If the sending rate of ICMP packets destined for the specified IP

address drops below this threshold, the firewall returns to the
attack detection state and stops the protection actions.

Global Configuration
of Security Zone

Action Threshold

Set the protection action threshold for ICMP flood attacks that
target a host in the protected security zone.
If the sending rate of ICMP packets destined for a host in the
security zone constantly reaches or exceeds this threshold, the

firewall enters the attack protection state and takes attack
protection actions as configured.

Silent Threshold

Set the silent threshold for actions that protect against ICMP flood
attacks targeting a host in the protected security zone.
If the sending rate of ICMP packets destined for a host in the
security zone drops below this threshold, the firewall returns to

the attack detection state and stops the protection actions.

NOTE:

Host-specific settings take precedence over the global settings for security zones.

Configuring UDP flood detection

NOTE:

UDP flood detection is mainly intended to protect servers and is usually configured for an internal zone.

From the navigation tree, select Intrusion Detection > Traffic Abnormality > UDP Flood to enter the UDP

flood detection configuration page, as shown in

Figure 13

. You can select a security zone and then view

and configure UDP flood detection rules for the security zone.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals