Distributed Denial-Of-Service Prevention - Watchguard Firebox X20E User Manual
Firmware version 8.6 all firebox x edge e-series standard and wireless models
Hide thumbs
Also See for Firebox X20E:
- Reference manual (78 pages) ,
- Quick start manual (12 pages) ,
- User manual (314 pages)
Table of Contents
Advertisement
Preventing Denial-of-Service Attacks
On the Firewall > Intrusion Prevention page, select the DoS Defense tab and set the packet/second
threshold for these types of DoS flood attacks:
IPSec flood attack
A DoS attack where the attacker overwhelms a computer system with a large number of IPSec
connections.
IKE flood attack
A DoS attack where the attacker overwhelms a computer system with a large number of IKE
(Internet Key Exchange) connections.
ICMP flood attack
A DoS attack where the attacker overwhelms a computer system with ICMP Echo Request (ping
packets).
SYN flood attack
A DoS attack where the attacker overwhelms a computer system with a large number of SYN
requests.
UDP flood attack
A DoS attack where the attacker overwhelms a computer system with a large number of UDP
(User Datagram Protocol) connections.
Distributed Denial-of-Service Prevention
Use the Distributed DoS prevention feature to set a maximum number of simultaneous connections
allowed to server or client computers protected by the Edge. If the total number of client or server con-
nections per second exceeds the connection limit you set, new connection packets are dropped.
132
Firebox X Edge e-Series
Hide quick links:
Advertisement
Table of Contents
