Configuring scanning detection – H3C Technologies H3C SecBlade LB Cards User Manual
Page 238
227
Figure 116 Connection limit configuration page
2.
Configure the connection limits for the security zone, as described in
.
3.
Click Apply.
Table 29 Configuration items
Item Description
Security Zone
Select a security zone to perform connection limit
configuration for it.
Discard packets when the specified attack is detected
Select this option to discard subsequent packets
destined for or sourced from an IP address when the
number of the connections for that IP address has
exceeded the limit.
Enable connection limit per source IP
Select the option to set the maximum number of
connections that can be present for a source IP
address.
Threshold
Enable connection limit per dest IP
Select the option to set the maximum number of
connections that can be present for a destination IP
address.
Threshold
Configuring scanning detection
Scanning detection is intended to detect scanning behaviors and is usually configured for an external
zone.
To configure scanning detection:
1.
From the navigation tree, select Security > Intrusion Detection > Scanning Detection.
The scanning detection configuration page appears.
Figure 117 Scanning detection configuration page
2.
Configure the scanning detection rule for the security zone, as described in
.
3.
Click Apply.