Dynamic Defense; Table 18: Ucm6100 Firewall Dynamic Defense - Grandstream Networks UCM6100 Series User Manual

Save the change and click on "Apply" button. Then submit the configuration by clicking on "Apply
Changes" on the upper right of the web page. The new rule will be listed at the bottom of the page with
sequence number, rule name, action, protocol, type, source, destination and operation. More operations
below:
Click on to edit the rule
•
Click on to delete the rule
•
DYNAMIC D EFENSE
Dynamic defense is supported on the UCM6100 series. It can blacklist hosts dynamically when the LAN
mode is set to "Route" under web GUI-­>Settings-­>Network Settings-­>Basic Settings page. If enabled,
the traffic coming into the UCM6100 can be monitored, which helps prevent massive connection attempts
or brute force attacks to the device. The blacklist can be created and updated by the UCM6100 firewall,
which will then be displayed in the web page. Please refer to the following table for dynamic defense
options on the UCM6100.
Dynamic Defense
Enable
Periodical Time
Interval
Blacklist Update
Interval
Connection
Threshold
Dynamic Defense
Whitelist
The following figure shows a configuration example like this:
Firmware Version 1.0.9.26
Table 18: UCM6100 Firewall Dynamic Defense
Enable dynamic defense. The default setting is disabled.
Configure the dynamic defense periodic time interval (in minutes). If the
number of TCP connections from a host exceeds the connection threshold
within this period, this host will be added into Blacklist. The valid value is
between 1 and 59 when dynamic defense is turned on. The default setting is
59.
Configure the blacklist update time interval (in seconds). The default setting is
120.
Configure the connection threshold. Once the number of connections from the
same host reaches the threshold, it will be added into the blacklist. The default
setting is 100.
Configure the dynamic defense whitelist.
For example,
192.168.1.3
192.168.1.4
UCM6100 Series IP PBX User Manual Page 69 of 304