v
3 Virus Throttling (Connection-Rate Filtering)
Overview of Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Filtering Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Sensitivity to Connection Rate Detection . . . . . . . . . . . . . . . . . . . . 3-4
Application Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Unblocking a Currently Blocked Host . . . . . . . . . . . . . . . . . . . . . . 3-6
General Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
For a network that is relatively attack-free: . . . . . . . . . . . . . . . . . . . . . 3-7
For a network that appears to be under significant attack: . . . . . . . . . 3-8
Configuring Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Global and Per-Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Enabling Connection-Rate Filtering and Configuring
Sensitivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10
Configuring the Per-Port Filtering Mode . . . . . . . . . . . . . . . . . . . 3-11
Example of a Basic Connection-Rate Filtering Configuration . . 3-12
Viewing and Managing Connection-Rate Status . . . . . . . . . . . . . . . . . 3-14
Viewing Connection-Rate Configuration . . . . . . . . . . . . . . . . . . . 3-14
Listing Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
Unblocking Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . 3-15
Configuring and Applying Connection-Rate ACLs . . . . . . . . . . . . . . 3-17
Connection-Rate ACL Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18
Configuring a Connection-Rate ACL Using
Source IP Address Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
Configuring a Connection-Rate ACL Using UDP/TCP Criteria . . . . . 3-21
Applying Connection-Rate ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24
Using CIDR Notation To Enter the ACE Mask . . . . . . . . . . . . . . . . . . 3-24
Example of Using an ACL in a Connection-Rate Configuration . . . . 3-25
Connection-Rate ACL Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . 3-27
To Next Page
Loading...
Need help?
General
