HP E3800 Series

To Next Page

To Previous Page

3 Virus Throttling (Connection-Rate Filtering)

Overview of Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2

General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Filtering Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3

Sensitivity to Connection Rate Detection . . . . . . . . . . . . . . . . . . . . 3-4

Application Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4

Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6

Unblocking a Currently Blocked Host . . . . . . . . . . . . . . . . . . . . . . 3-6

General Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7

For a network that is relatively attack-free: . . . . . . . . . . . . . . . . . . . . . 3-7

For a network that appears to be under significant attack: . . . . . . . . . 3-8

Configuring Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Global and Per-Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9

Enabling Connection-Rate Filtering and Configuring

Sensitivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10

Configuring the Per-Port Filtering Mode . . . . . . . . . . . . . . . . . . . 3-11

Example of a Basic Connection-Rate Filtering Configuration . . 3-12

Viewing and Managing Connection-Rate Status . . . . . . . . . . . . . . . . . 3-14

Viewing Connection-Rate Configuration . . . . . . . . . . . . . . . . . . . 3-14

Listing Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15

Unblocking Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . 3-15

Configuring and Applying Connection-Rate ACLs . . . . . . . . . . . . . . 3-17

Connection-Rate ACL Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18

Configuring a Connection-Rate ACL Using

Source IP Address Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19

Configuring a Connection-Rate ACL Using UDP/TCP Criteria . . . . . 3-21

Applying Connection-Rate ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24

Using CIDR Notation To Enter the ACE Mask . . . . . . . . . . . . . . . . . . 3-24

Example of Using an ACL in a Connection-Rate Configuration . . . . 3-25

Connection-Rate ACL Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . 3-27

Related product manuals