Firewall
7.1
Demands
1.
Administrators detect that PC1_1 in LAN1 is doing something that may hurt our company and should instantly block his
traffic towards the Internet.
2.
A DMZ server was attacked by SYN-Flooding attack and requires the DFL-900 to protect it.
7.2
Objectives
1.
Block the traffic from PC1_1 in LAN1 to the Internet in WAN1.
2.
Start the SYN-Flooding protection.
7.3
Methods
1.
Add a LAN1-to-WAN1 Firewall rule to block PC1_1.
2.
Start the SYN-Flooding protection by detecting statistical half-open TCP connections.
This chapter introduces firewall and explains how to implement it.
Figure 7-1 Setting up the firewall rule
39
DFL-900 User Manual
Chapter 7
Firewall