Table of Contents
Advertisement
Configuring SYN Protector Rulebase Rules (NSM Procedure)
Copyright © 2010, Juniper Networks, Inc.
The SYN protector rulebase protects your network from malicious SYN-flood attacks.
To configure a SYN protector rulebase rule:
In the NSM navigation tree, select Policy Manager > Security Policies.
1.
Select and double-click the security policy to which you want to add the SYN
2.
protector rulebase rule.
Click New in the upper right corner of the policy viewer and select Add SYN Protector
3.
Rulebase.
Click the New button within the rules viewer to add a rule.
4.
Modify the property of the rule by right-clicking the table cell for the property and
5.
making your modifications.
Configure or modify the rule using the settings described in Table 31 on page 49.
6.
Table 31: SYN Protector Rulebase Rule Properties
Option
No
Match > Source
Match > Destination
Match > Service
Function
Specifies if you want to add,
delete, copy, or reorder rules.
Specifies the address object
that is the source of the
traffic.
Specifies the address object
that is the destination of the
traffic, typically a server or
other device on your network.
Specifies service objects in
rules to service an attack to
access your network.
Chapter 4: Configuring Security Policies
Your Action
Right-click the table cell for the
rule number and make your
required modifications.
Select any to monitor network
traffic originating from any IP
address.
NOTE: You can also negate one
or more address objects to specify
all sources except the excluded
object.
Select the destination object.
NOTE: You can also negate one
or more address objects to specify
all destinations except the
excluded object.
Set a service by selecting any of
the available options.
NOTE: We recommend that you
do not change the default value,
TCP-ANY.
49
Advertisement
Table of Contents
Troubleshooting
