Cisco 500 Series Administration Manual page 469
Stackable managed
Hide thumbs
Also See for 500 Series:
- Configuration manual (1140 pages) ,
- Administration manual (485 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
21
STEP 1
STEP 2
STEP 3
STEP 4
467
SYN Filtering
The SYN Filtering page enables filtering TCP packets that contain a SYN flag, and
are destined for one or more ports.
To define a SYN filter:
Click Security > Denial of Service Prevention > SYN Filtering.
Click Add.
Enter the parameters.
•
Interface—Select the interface on which the filter is defined.
•
IPv4 Address—Enter the IP address for which the filter is defined, or select
All Addresses.
•
Network Mask—Enter the network mask for which the filter is enabled in IP
address format.
•
TCP Port—Select the destination TCP port being filtered:
-
Known Ports—Select a port from the list.
-
User Defined—Enter a port number.
-
All Ports—Select to indicate that all ports are filtered.
Click Apply. The SYN filter is defined, and the Running Configuration file is
updated.
SYN Rate Protection
The SYN Rate Protection page enables limiting the number of SYN packets
received on the ingress port. This can mitigate the effect of a SYN flood against
servers, by rate limiting the number of new connections opened to handle
packets.
This feature is only available when the device is in Layer 2 system mode in Sx300
and SG500 devices and in SG500X and SG500XG devices in Native mode.
Cisco 500 Series Stackable Managed Switch Administration Guide
Security
Denial of Service Prevention
Hide quick links:
Advertisement
Table of Contents
