beautypg.com

Figure 120 – H3C Technologies H3C SecBlade LB Cards User Manual

Page 241

background image

230

Figure 120 Configuring scanning detection for the untrusted zone

4.

Configure connection limits for the trusted zone:

a.

From the navigation tree, select Security > Intrusion Detection > Connection Limit.
The connection limit configuration page appears, as shown in

Figure 121

.

b.

Select the security zone Trust.

c.

Select Discard packets when the specified attack is detected.

d.

Select Enable connection limit per source IP and set the threshold to 100.

e.

Click Apply.

Figure 121 Configuring connection limit for the trusted zone

5.

Configure connection limits for the DMZ on the connection limit configuration page:

a.

Select the security zone DMZ.

b.

Select Discard packets when the specified attack is detected.

c.

Select Enable connection limit per dest IP and set the threshold to 10000.

d.

Click Apply.

Figure 122 Configuring connection limit for the DMZ

6.

Configure SYN flood detection for the DMZ:

a.

From the navigation tree, select Security > Intrusion Detection > SYN Flood.
The SYN flood detection confirmation page appears, as shown in

Figure 123

.

b.

Select the security zone DMZ.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: