beautypg.com

H3C Technologies H3C SecPath F1000-E User Manual

Page 632

background image

12

From the navigation tree, select Intrusion Detection > Traffic abnormality > Scanning
Detection to enter the scanning detection configuration page and perform configurations shown in

Figure 13

.

Figure 13 Configure scanning detection for the untrusted zone

Select zone Untrust.

Select the Enable Scanning Detection option.

Set the scanning threshold to 4500 connections per second.

Select the Add the source IP to the blacklist option.

Click Apply.

# Configure connection limit for the trusted zone.
From the navigation tree, select Intrusion Detection > Traffic Abnormality > Connection Limit
to enter the connection limit configuration page and perform the configurations shown in

Figure 14

.

Figure 14 Configure connection limit for the trusted zone

Select zone Trust.

Select the Discard packets when the specified attack is detected option.

Select the Enable connection limit per source IP option and set the threshold to 100.

Click Apply.

# Configure connection limit for the DMZ as shown in

Figure 15

.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: