Advertisement
II-2-2 Defense Setup
As a sub-functionality of IP Filter/Firewall, there are several types of detect / defense function in the
DoS Defense setup. In default, the DoS Defense is disabled.
Available settings are explained as follows:
Item
Enable DoS Defense
Flood Defense
Description
Defense Setup
Switch the toggle to enable/disable the DoS Defense.
+Add – Click it set profiles for flood defense. Up to 6 profiles can be
created.
Interface – Select a WAN interface.
SYN Flood – Switch the toggle to enable/disable SYN flood defense.
When the arrival rate of SYN packets exceeds the Threshold value, the
router will start to randomly discard TCP SYN packets for a period of
time as defined in Timeout. This is to prevent TCP SYN packets from
exhausting router resources.
SYN Flood Packet Rate – The default values of threshold and
timeout are 2000 packets per second and 10 seconds,
respectively.
ICMP Flood – Switch the toggle to enable/disable the ICMP flood
defense. When the arrival rate of ICMP packets exceeds the Threshold
value, the router will start to randomly discard TCP SYN packets for a
period of time as defined in Timeout.
ICMP Flood Packet Rate – The default values of threshold and
timeout are 250 packets per second and 10 seconds,
respectively.
UDP Flood – Switch the toggle to enable/disable UDP flood defense.
When the arrival rate of UDP packets exceeds the Threshold value, the
router will start to randomly discard TCP SYN packets for a period of
time as defined in Timeout.
UDP Flood Packet Rate – The default values of threshold and
timeout are 5000 packets per second and 10 seconds,
respectively.
169
Advertisement
Need help?
Do you have a question about the Vigor2136 Series and is the answer not in the manual?