FortiGate IPS User Guide Version 3.0 MR7
54
01-30007-0080-20080916
Configuring SYN flood protection
SYN flood attacks
Configuring SYN flood protection
To configure the SYN flood protection
1
Go to
Intrusion Protection > DoS Sensor
.
2
Select
Create New.
3
Configure the options for tcp_syn_flood.
4
Select OK.
Figure 18: Configuring the syn_flood anomaly
Suggested settings for different network conditions
The main setting that impacts the efficiency of the pseudo SYN proxy in detecting
SYN floods is the threshold value. The default threshold is 2000. Select an
appropriate value based on network conditions. Normally, if the servers being
protected by the FortiGate unit need to handle heavier requests, such as a busy
web server, the threshold should be set to a higher value. If the network carries
lighter traffic, the threshold should be set to a lower value.
Содержание FortiGate 3.0 MR7
Страница 1: ...www fortinet com FortiGate IPS User Guide Version 3 0 MR7 U S E R G U I D E...
Страница 50: ...FortiGate IPS User Guide Version 3 0 MR7 50 01 30007 0080 20080916 Understanding the anomalies DoS sensors...
Страница 60: ...FortiGate Version 3 0 MR7 IPS User Guide 60 01 30007 0080 20080916 Index T technical support 8...
Страница 61: ...www fortinet com...
Страница 62: ...www fortinet com...