21. Anomaly Flow IP
AirLive RS-2500 User’s Manual
184
hen the RS-2500 had detected attacks from hackers and internal PC who are sending
rge DDoS attacks. The
Anomaly Flow IP
will start on blocking these packets to maintain
e whole network.
this chapter, we will have the detailed illustration about
Anomaly Flow IP
:
Define the required fields of Virus-infected IP
The threshold sessions of virus-infected (per source IP):
When the session number (per source IP) has exceeded the limitation of anomaly
o be anom ly flow IP
flow IP or send the
n.
ected IP Blocking:
RS-2500 can block the sessions of virus-infected IP
as any anomaly flow occurred.
21
21.
Anomaly Flow IP
W
la
th
In
flow sess
and mak
notificatio
Virus-inf
ions per source IP, RS-2500 will take this kind of IP t
e some actions. For example, block the anomaly
a
Notification:
RS-2500 can notice the user and system administrator by e-mail or NetBIOS
notification
d
After System Manager enable
Anomaly Flow IP
, if the RS-2500 has
arm message will appear in
mail Alert
etected any abnormal situation, the al
Virus-infected IP
. And if the system manager starts the
E-
Notification
in
Settings
, the device will send e-mail to alarm the
system manager automatically.
Summary of Contents for RS-2500
Page 1: ...User s Manual Dual WAN Security VPN Gateway RS 2500 ...
Page 218: ...22 Monitor 213 AirLive RS 2500 User s Manual Figure 22 23 To Detect WAN Statistics ...
Page 220: ...22 Monitor 215 AirLive RS 2500 User s Manual Figure 22 25 To Detect Policy Statistics ...
Page 224: ...22 Monitor 219 AirLive RS 2500 User s Manual Figure 22 30 Traceroute Results ...