Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
• Configure a source IP address-based connection limit for the trusted zone, and set the number of connections each host can initiate to 100.
• Configure a destination IP address-based connection limit for the DMZ, and set the number of connections the server can accommodate to 10000.
• Configure SYN flood detection for the DMZ, and set the connection rate of the server to 5000 connections per second (the proper value depends on the performance of the server). Configure the device to block subsequent connections to the server after an attack is detected.
Figure 11 Network diagram for traffic abnormality detection configuration
Configuration procedure
# Assign IP addresses to interfaces. (Omitted)
# Enable the blacklist feature.
From the navigation tree, select Intrusion Detection > Blacklist to bring up the blacklist management page, and perform the configuration as shown in the figure below.
Figure 12 Enable the blacklist feature
• In the Global Configuration area, select the Enable Blacklist option.
• Click Apply.
# Configure scanning detection for the untrusted zone.