DefensePro User Guide
Security Configuration
Document ID: RDWR-DP-V0602_UG1201
131
Configuring Global HTTP Flood Protection
The HTTP Mitigator detects and mitigates HTTP request flood attacks to protect Web servers. The
HTTP Mitigator collects and builds a statistical model of the protected server traffic, and then, using
fuzzy logic inference systems and statistical thresholds, detects traffic anomalies and identifies the
malicious sources.
To configure global HTTP Flood Protection
1. In the Configuration perspective Security Settings tab navigation pane, select HTTP Flood
Protections.
2. Configure the parameters; and then, click
(Submit) to submit the changes.
Table 64: HTTP Mitigator Parameters
Parameter
Description
Basic Parameters
Enable HTTP Mitigator
Specifies whether the HTTP Mitigator is enabled on the device.
HTTP flood protection must be enabled to set HTTP flood protection
parameters.
Default: Enabled
Learning Period before
Activation
The time, in days, DefensePro takes to collect the data needed to
establish the baseline that HTTP Mitigation uses.
Values: 0–65,536
Default: 7
Learning Mode
The learning mode of the HTTP Mitigator.
Values:
•
Continuous Only—The learning process about the traffic
environment is continuous.
•
Automatic—DefensePro can switch to 24x7 learning when it
detects a recurring pattern per hour of the day of the week in a
period of 4, 8, or 12 weeks (based on sensitivity).
Learning Sensitivity
The period from which DefensePro establishes baselines. Select the
time unit based on the site characteristics. For example, if the site
traffic fluctuates during the course of a day, but fluctuates the same
way each day, select Day; but if there are significant fluctuations
between the days of the week, select Week.
Values: Day, Week, Month
Default: Week
Mitigation Failure Condition
The number of automatic attempts the device makes before
announcing it cannot mitigate the attack.
Values: 1–100
Default: 3
Содержание DefensePro 6.02
Страница 1: ...DefensePro User Guide Software Version 6 02 Document ID RDWR DP V0602_UG1201 January 2012 ...
Страница 2: ...DefensePro User Guide 2 Document ID RDWR DP V0602_UG1201 ...
Страница 20: ...DefensePro User Guide 20 Document ID RDWR DP V0602_UG1201 ...
Страница 28: ...DefensePro User Guide Table of Contents 28 Document ID RDWR DP V0602_UG1201 ...
Страница 116: ...DefensePro User Guide Device Network Configuration 116 Document ID RDWR DP V0602_UG1201 ...
Страница 256: ...DefensePro User Guide Managing Device Operations and Maintenance 256 Document ID RDWR DP V0602_UG1201 ...
Страница 274: ...DefensePro User Guide Monitoring DefensePro Devices and Interfaces 274 Document ID RDWR DP V0602_UG1201 ...
Страница 302: ...DefensePro User Guide Real Time Security Reporting 302 Document ID RDWR DP V0602_UG1201 ...
Страница 308: ...DefensePro User Guide Administering DefensePro 308 Document ID RDWR DP V0602_UG1201 ...
Страница 324: ...DefensePro User Guide Troubleshooting 324 Document ID RDWR DP V0602_UG1201 ...