H3C Technologies H3C SecPath F1000-E User Manual
Page 31
23
Figure 24 Configuring connection limit for the trusted zone
Perform the following operations on the page:
•
Select zone Trust.
•
Select the Discard packets when the specified attack is detected option.
•
Select the Enable connection limit per source IP option and set the threshold to 100.
•
Click Apply.
# Configure connection limits for the DMZ as shown in
Figure 25 Configuring connection limit for the DMZ
Perform the following operations on the page:
•
Select zone DMZ.
•
Select the Discard packets when the specified attack is detected option.
•
Select the Enable connection limit per dest IP option and set the threshold to 10000.
•
Click Apply.
# Configure SYN flood detection for the DMZ.
From the navigation tree, select Intrusion Detection > Traffic Abnormality > SYN Flood. The SYN flood
detection confirmation page appears.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS