Security
Denial of Service Prevention
411 Cisco 500 Series Stackable Managed Switch Administration Guide Release 1.3
20
STEP 3 To add a Martian address click Add.
STEP 4 Enter the parameters.
• IP Version—Indicates the supported IP version. Currently, support is only
offered for IPv4.
• IP Address—Enter an IP addresses to reject. The possible values are:
-
From Reserved List
—Select a well-known IP address from the reserved
list.
-
New IP Address
—Enter an IP address.
• Mask—Enter the mask of the IP address to define a range of IP addresses to
reject. The values are:
-
Network Mask
—Network mask in dotted decimal format.
-
Prefix Length
—Enter the prefix of the IP address to define the range of IP
addresses for which Denial of Service prevention is enabled.
STEP 5 Click Apply. The Martian addresses are written to the Running Configuration file.
SYN Filtering
The SYN Filtering page
enables
filtering TCP packets that contain a SYN flag, and
are destined for one or more ports.
To define a SYN filter:
STEP 1 Click Security > Denial of Service Prevention > SYN Filtering.
STEP 2 Click Add.
STEP 3 Enter the parameters.
• Interface—Select the interface on which the filter is defined.
• IPv4 Address—Enter the IP address for which the filter is defined, or select
All Addresses.
• Network Mask—Enter the network mask for which the filter is enabled in IP
address format.
• TCP Port—Select the destination TCP port being filtered:
- Known Ports—Select a port from the list.
To Next Page
Loading...
