H3C Technologies H3C SecPath F1000-E User Manual
Page 31
23
Figure 24 Configuring connection limit for the trusted zone
Perform the following operations on the page:
•
Select zone Trust.
•
Select the Discard packets when the specified attack is detected option.
•
Select the Enable connection limit per source IP option and set the threshold to 100.
•
Click Apply.
# Configure connection limits for the DMZ as shown in
Figure 25 Configuring connection limit for the DMZ
Perform the following operations on the page:
•
Select zone DMZ.
•
Select the Discard packets when the specified attack is detected option.
•
Select the Enable connection limit per dest IP option and set the threshold to 10000.
•
Click Apply.
# Configure SYN flood detection for the DMZ.
From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood. The SYN flood
detection confirmation page appears.