Preventing Denial-Of-Service Attacks; Dropping Flood Attacks - Watchguard Firebox X20E User Manual
Firmware version 8.6 all firebox x edge e-series standard and wireless models
Hide thumbs
Also See for Firebox X20E:
- Reference manual (78 pages) ,
- Quick start manual (12 pages) ,
- User manual (314 pages)
Table of Contents
Advertisement
In the Ports text box, type the name of the port you want to block. Click Add.
3
If you want the Edge to automatically block any external computer that tries to get access to a
4
blocked port, select the Auto-block sites that attempt to use blocked ports check box.
Preventing Denial-of-Service Attacks
The Firebox X Edge e-Series includes an integrated denial-of-service (DoS) protection feature to pro-
tect against some of the most common and frequent DoS and Distributed DoS (DDos) attacks used on
the Internet. A DoS attack is an attempt to make a computer resource unavailable to its intended users.
Most frequently, DoS attacks try to prevent an Internet site or service from efficient operation for some
period of time by using large amounts of bandwidth or resources on the system that is being attacked.
This type of attack is usually called a "flood. "
In a distributed denial of service (DDoS) attack, many different computers send traffic to a single target
computer at the same time. This causes the target computer to become so busy and use so many
resources trying to establish connections with each malicious computer that it cannot handle legiti-
mate traffic.
Dropping Flood Attacks
You can configure the Edge to protect you from the most common DoS flood attacks. For each type of
DoS flood attack, configure the Edge with a limit on the number of new connection packets per second
that are allowed to pass through an interface. The Edge drops packets that exceed the configured limit.
User Guide
Preventing Denial-of-Service Attacks
131
Hide quick links:
Advertisement
Table of Contents
