EasyManuals Logo

ELTEX ESR Series User Manual

ELTEX ESR Series
575 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #422 background imageLoading...
Page #422 background image
ESR-Series. User manual
422
Step Description Command Keys
34 Specify threshold handling method. esr(config-ips-category-rule)#
threshold type
{threshold | limit | both }
threshold – display a
message every time a
threshold is reached.
limit – issue a message
no more than <COUNT>
times per time interval
<SECOND>.
both – threshold and
limit combination.
A message will be generated if
during the <SECOND> time
interval there were <COUNT> or
more packets matching the rule
conditions, and the message
will be sent only once during
the <SECOND> time interval.
35 Activate a rule. esr(config-ips-category-rule)#
enable
13.6.6 Basic user rules configuration example
Objective:
Write a rule to protect a server with IP 192.168.1.10 from a DOS attack by large ICMP packets.
Solution:
Create a set of user rules:
esr(config)# security ips-category user-defined USER
Create a rule to protect against attack:
esr(config-ips-category)# rule 10
esr(config-ips-category-rule)# description «Big ICMP DoS»
We will drop packets:
esr(config-ips-category-rule)# action drop
Configure attack message:
esr(config-ips-category-rule)# meta log-message «Big ICMP DoS»
esr(config-ips-category-rule)# meta classification-type successful-dos

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX ESR Series and is the answer not in the manual?

ELTEX ESR Series Specifications

General IconGeneral
ModelESR Series
CategoryNetwork Router
ManufacturerELTEX
ManagementWeb interface, CLI, SNMP
Operating Temperature0°C to 40°C
DimensionsVaries by model
WeightVaries by model
Routing ProtocolsOSPF, BGP
WAN InterfacesEthernet, SFP
LAN InterfacesEthernet, SFP
VPN SupportIPsec, L2TP, PPTP
FirewallStateful packet inspection, ACLs
Power over Ethernet (PoE)Available on some models
QoSTraffic prioritization

Related product manuals