Dynamic defense, Table 18: ucm6100 firewall dynamic defense – Grandstream UCM6100 User Manual for 1.0.9.25 User Manual
Page 70
Firmware Version 1.0.9.25
UCM6100 Series IP PBX User Manual
Page 69 of 303
Save the change and click on "Apply" button. Then submit the configuration by clicking on "Apply
Changes" on the upper right of the web page. The new rule will be listed at the bottom of the page with
sequence number, rule name, action, protocol, type, source, destination and operation. More operations
below:
• Click on
to edit the rule
• Click on
to delete the rule
DYNAMIC DEFENSE
Dynamic defense is supported on the UCM6100 series. It can blacklist hosts dynamically when the LAN
mode is set to "Route" under web GUI->Settings->Network Settings->Basic Settings page. If enabled,
the traffic coming into the UCM6100 can be monitored, which helps prevent massive connection attempts
or brute force attacks to the device. The blacklist can be created and updated by the UCM6100 firewall,
which will then be displayed in the web page. Please refer to the following table for dynamic defense
options on the UCM6100.
Table 18: UCM6100 Firewall Dynamic Defense
Dynamic Defense
Enable
Enable dynamic defense. The default setting is disabled.
Periodical Time
Interval
Configure the dynamic defense periodic time interval (in minutes). If the
number of TCP connections from a host exceeds the connection threshold
within this period, this host will be added into Blacklist. The valid value is
between 1 and 59 when dynamic defense is turned on. The default setting is
59.
Blacklist Update
Interval
Configure the blacklist update time interval (in seconds). The default setting is
120.
Connection
Threshold
Configure the connection threshold. Once the number of connections from the
same host reaches the threshold, it will be added into the blacklist. The default
setting is 100.
Dynamic Defense
Whitelist
Configure the dynamic defense whitelist.
For example,
192.168.1.3
192.168.1.4
The following figure shows a configuration example like this: