Table of Contents
Advertisement
DFL-900/1500 User Manual
10.1 Demands
1.
Administrators detect that PC1_1 in LAN_1 is doing something that may hurt our company and should instantly block his
traffic towards the Internet.
2.
On the Internet, a denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of
a resource they would normally expect to have. Typically, the loss of service is the inability of a particular network service,
such as e-mail, to be available or the temporary loss of all network connectivity and services. In the worst cases, for
example, a Web site accessed by millions of people can occasionally be forced to temporarily cease operation. A denial of
service attack can also destroy programming and files in a computer system. Although usually intentional and malicious, a
denial of service attack can sometimes happen accidentally. A denial of service attack is a type of security breach to a
computer system that does not usually result in the theft of information or other security loss. However, these attacks can
cost the target person or company a great deal of time and money. Now, suppose a DMZ server was attacked by
SYN-Flooding attack and requires the DFL-1500 to protect it.
10.2 Objectives
1.
Block the traffic from PC1_1 in LAN1 to the Internet in WAN1.
2.
Start the SYN-Flooding protection.
10.3 Methods
1.
Configure the Address/Service/Schedule first.
2.
Add a LAN1-to-WAN1 Firewall rule to block PC1_1.
3.
Start the SYN-Flooding protection by detecting statistical half-open TCP connections.
This chapter introduces firewall and explains how to implement it.
Figure 10-1 Setting up the firewall rule
91
Chapter 10
Firewall
Chapter 10
Firewall
Advertisement
Table of Contents
Troubleshooting
