Cisco 350 Series Administration Manual page 511


Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4

Security: Denial of Service Prevention

- Block packets that contain reserved Martian addresses (Martian Addresses page)
- Prevent TCP connections from a specific interface (SYN Filtering page) and rate limit the packets (SYN Rate Protection page)
- Configure the blocking of certain ICMP packets (ICMP Filtering page)
- Discard fragmented IP packets from a specific interface (IP Fragments Filtering page)
- Deny attacks from Stacheldraht Distribution, Invasor Trojan, and Back Orifice Trojan (Security Suite Settings page).

Dependencies Between Features

ACL and advanced QoS policies are not active when a port has DoS Protection enabled on it.

An error message appears if you attempt to enable DoS Prevention when an ACL is defined on the interface or if you attempt to define an ACL on an interface on which DoS Prevention is enabled.

A SYN attack cannot be blocked if there is an ACL active on an interface.

Default Configuration

The DoS Prevention feature has the following defaults:

- The DoS Prevention feature is disabled by default.
- SYN-FIN protection is enabled by default (even if DoS Prevention is disabled).
- If SYN protection is enabled, the default protection mode is Block and Report. The default threshold is 30 SYN packets per second.
- All other DoS Prevention features are disabled by default.

Security Suite Settings

NOTE: Before activating DoS Prevention, you must unbind all Access Control Lists (ACLs) or advanced QoS policies that are bound to a port. ACL and advanced QoS policies are not active when a port has DoS Protection enabled on it.
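
The dependency rules and defaults above can be checked against a planned change before it is applied. The following is an added example, not taken from the Cisco manual or the switch firmware; the port names, policy names, setting keys, and the modelling of DoS Prevention as a single global setting are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Defaults as stated on this page; the key names are assumptions of this example.
DEFAULTS = {"dos_prevention": False, "syn_fin_protection": True,
            "syn_mode": "block-and-report", "syn_threshold_pps": 30}

@dataclass
class Port:
    name: str
    acls: list = field(default_factory=list)          # ACLs bound to the port
    qos_policies: list = field(default_factory=list)  # advanced QoS policies bound
    syn_protection: bool = False                      # SYN protection planned here

def effective_settings(overrides):
    """Merge planned settings over the documented defaults."""
    unknown = set(overrides) - set(DEFAULTS)
    if unknown:
        raise ValueError(f"unknown setting(s): {sorted(unknown)}")
    return {**DEFAULTS, **overrides}

def audit(ports, overrides):
    """Return (settings, findings) for a planned DoS Prevention change."""
    settings = effective_settings(overrides)
    findings = []
    for p in ports:
        bound = ([f"ACL {a}" for a in p.acls]
                 + [f"QoS policy {q}" for q in p.qos_policies])
        # Rule: ACLs and advanced QoS policies must be unbound first.
        if settings["dos_prevention"] and bound:
            findings.append((p.name, "unbind before enabling DoS Prevention: "
                             + ", ".join(bound)))
        # Rule: a SYN attack cannot be blocked while an ACL is active.
        if p.syn_protection and p.acls:
            findings.append((p.name, "SYN attack cannot be blocked while an ACL is active"))
    return settings, findings

# Constructed inventory; port and policy names are illustrative only.
PORTS = [Port("GE1", acls=["mgmt-in"], syn_protection=True),
         Port("GE2", qos_policies=["voice"]),
         Port("GE3", syn_protection=True)]

if __name__ == "__main__":
    settings, findings = audit(PORTS, {"dos_prevention": True})
    print(settings)
    for port, msg in findings:
        print(f"{port}: {msg}")
```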
