The Dos Screen - ZyXEL Communications SBG3500-N000 User Manual

Table 76 Access Control: Add/Edit (continued)
LABEL
Order
Direction
Select Source
Device
Source IP
Address
Select
Destination
DevicSBG3500-
Ne
Destination IP
Address
IP Type
Select Service
Protocol
Custom Source
Port
Custom
Destination Port
Policy
Enable Rate
Limit
Scheduler Rules Select a schedule rule for this ACL rule form the drop-down list box. You can configure a
Filter
Description
Apply
Cancel

15.5 The DoS Screen

DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and
connection requests, using so much bandwidth and so many resources that Internet access
becomes unavailable.
SBG3500-N000 User's Guide
DESCRIPTION
Select the order of the ACL rule.
Select the direction of the ACL rule. You may select from WAN to LAN, WAN to Router,
WAN to DMZ, LAN to WAN, LAN to Router, LAN to DMZ, DMZ to WAN, DMZ to LAN,
and DMZ to Router. The DMZ zone is available when there's a specified DMZ group.
Select the source device to which the ACL rule applies. If you select Specific IP Address,
enter the source IP address in the field below.
Enter the source IP address.
Select the destination device to which the ACL rule applies. If you select Specific IP
Address, enter the destiniation IP address in the field below.
Enter the destination IP address.
Select whether your IP type is IPv4 or IPv6.
Select the transport layer protocol that defines your customized port from the drop-down
list box. The specific protocol rule sets you add in the Security > Firewall > Service >
Add screen display in this list.
If you want to configure a customized protocol, select Specific Service.
This field is displayed only when you select Specific Protocol in Select Protocol.
Choose the IP port (TCP/UDP, TCP, UDP, ICMP, or ICMPv6) that defines your customized
port from the drop-down list box.
This field is displayed only when you select Specific Protocol in Select Protocol.
Enter a single port number or the range of port numbers of the source.
This field is displayed only when you select Specific Protocol in Select Protocol.
Enter a single port number or the range of port numbers of the destination.
Use the drop-down list box to select whether to discard (DROP), deny and send an ICMP
destination-unreachable message to the sender of (REJECT) or allow the passage of
(ACCEPT) packets that match this rule.
Select this check box to set a limit on the upstream/downstream transmission rate for the
specified protocol.
Specify how many packets per minute or second the transmission rate is.
new schedule rule by click Add New Rule. This will bring you to the Security > Scheduler
Rules screen.
Type a description of the Filter of this ACL rule. This field is optional.
Click Apply to save your changes.
Click Cancel to exit this screen without saving.
Chapter 15 Firewall
241