beautypg.com

Packet inspection configuration example, Network requirements, Configuring the lb product – H3C Technologies H3C SecBlade LB Cards User Manual

Page 230

background image

219

Packet inspection configuration example

Network requirements

As shown in

Figure 108

, the internal network is the trusted zone and the external network is the untrusted

zone.
Configure the LB product to protect the trusted zone against Land attacks and Smurf attacks from the
untrusted zone.

Figure 108 Network diagram

Configuring the LB product

1.

Assign IP addresses and security zones to interfaces. (Details not shown.)

2.

Enable Land attack detection and Smurf attack detection for the untrusted zone:

a.

From the navigation tree, select Security > Intrusion Detection > Packet Inspection.
The packet inspection configuration page appears, as shown in

Figure 109

.

b.

Select Untrust from the Zone list. Then select Discard Packets when the specified attack is

detected, Enable Land Attack Detection, and Enable Smurf Attack Detection.

c.

Click Apply.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: