Manage Device Security
525
M4300 Series and M4300-96X Fully Managed Switches User Manual
6. In the Denial of Service Min TCP Header Size field, specify the minimum TCP header size
allowed.
If DoS TCP Fragment is enabled, the switch drops these packets:
• First TCP fragments with a TCP payload: IP_Payload_Length - IP_Header_Size <
Min_TCP_Header_Size.
• Its range is 0 to 255. The default value is 20.
7. Select the
Denial of Service ICMPv4 Disable or Enable radio button.
Enabling ICMPv4 DoS prevention causes the switch to drop ICMPv4 packets with a type
set to ECHO_REQ (ping) and a size greater than the configured ICMPv4 packet size.
The factory default is Disable.
8. Specify the Denial of Service Max ICMPv4 Packet Size.
This is the maximum ICMPv4 Pkt Size allowed. If ICMPv4 DoS prevention is enabled, the
switch drops IPv4 ICMP ping packets with a size greater than the configured Max
ICMPv4 packet size. Its range is 0 to 16376.
The default value is 512.
9. Use Denial of Service ICMPv6
to enable ICMPv6 DoS prevention.
This causes the switch to drop ICMPv6 packets with a type set to ECHO_REQ (ping) and
a size greater than the configured ICMPv6 Pkt Size. The factory default is Disable.
10. Use Denial of Service Max ICMPv6 Packet Size to specify the maximum IPv6 ICMP
packet size allowed.
If ICMPv6 DoS prevention is enabled, the switch drops IPv6 ICMP ping packets with a
size greater than the configured maximum ICMPv6 packet size. Its range is 0 to 16376.
The default value is 512.
1
1. Select the Denial of Service First Fragment Disable or Enable radio button.
To Next Page
Loading...
