Draytek vigor3900 User Manual page 188
Multi-wan security appliance
Hide thumbs
Also See for vigor3900:
- User manual (516 pages) ,
- Quick start manual (22 pages) ,
- User manual (30 pages)
Table of Contents
Advertisement
4
.
4
.
2
.
2
S
y
s
t
e
m
4
.
4
.
2
.
2
S
y
s
t
e
m
In the Firewall group, click the DOS Defense and click the tab of System. You will see the
following page. The DoS Defense Engine inspects each incoming packet against the attack
signature database. Any packet that may paralyze the host in the security zone is blocked.
The DoS Defense Engine also monitors traffic behavior. Any anomalous situation violating
the DoS configuration is reported and the attack is mitigated.
Available parameters are listed as follows:
Item
Enable
Block SYN Flood
SYN Flood Threshold
SYN Flood Timeout
Block ICMP Flood
ICMP Flood Threshold
ICMP Flood Timeout
Block UDP Flood
Description
Check the box to enable this profile.
Click Enable to activate the SYN flood defense function.
If the amount of TCP SYN packets from the Internet exceeds
the user-defined threshold value, the router will be forced to
randomly discard the subsequent TCP SYN packets within
the user-defined timeout period.
The default setting for threshold is 300 packets per second.
The default setting for timeout is 10 seconds.
Click Enable to activate the ICMP flood defense function.
If the amount of ICMP echo requests from the Internet
exceeds the user-defined threshold value, the router will
discard the subsequent echo requests within the user-defined
timeout period.
The default setting for threshold is 300 packets per second.
The default setting for timeout is 10 seconds.
Click Enable to activate the UDP flood defense function.
If the amount of UDP packets from the Internet exceeds the
user-defined threshold value, the router will be forced to
180
Vigor3900 Series User's Guide
Advertisement
Table of Contents
Troubleshooting
