Epson VIGOR 3300 User Manual

Vigor3300 Series User’s Guide

81

Pass immediately - Pass the packet immediately.

Block if no further match - means to locks the packet if no

further rules are matched.

Pass if no further match - means to passes the packet if no

further rules are matched.

Note: It is recommended placing pass rules in “pass” group and
block ones be in “block” group.

Next Group Name

It indicates the next filter group. If the option Block if no

further match or Pass if no further match of Block or Pass

parameter is selected, the unmatched packets will be compared

with rules in Next Group. The option None must be chosen

while Block or Pass is selected as Block or Pass.

Apply

Click this button to return to IP Filter Table setting page. The

new added rule information will be displayed on this page too.

Refer to the following graphic.

3

3

.

.

4

4

.

.

2

2

D

D

o

o

S

S

The DoS function helps to detect and mitigates DoS attacks. These include flooding-type

attacks and vulnerability attacks. Flooding-type attacks attempt to use up all your system's

resources while vulnerability attacks try to paralyze the system by offending the vulnerabilities

of the protocol or operation system.

In the Firewall group, click the DOS option. You will see the following page. The DoS

Defense Engine inspects each incoming packet against the attack signature database. Any

packet that may paralyze the host in the security zone is blocked. The DoS Defense Engine

also monitors traffic behavior. Any anomalous situation violating the DoS configuration is

reported and the attack is mitigated.