Chapter 13 Security Policy
USG FLEX H Series User’s Guide
199
13.4 DoS Prevention Overview
DoS attacks can flood your Internet connection with invalid packets and connection request, using so
much bandwidth and so many resources that Internet access becomes unavailable. The goal of DoS
attacks is not to steal information, but to disable a device or network on the Internet.
DoS prevention protects against anomalies based on violations of protocol standards (RFCs – Requests
for Comments) and abnormal flows such as port scans. This section introduces DoS prevention profiles
and applying a DoS prevention profile to a traffic direction.
Traffic Anomalies
Traffic anomaly policies look for abnormal behavior or events such as port scanning, sweeping or
network flooding. They operate at OSI layer-3 and layer-4. Traffic anomaly policies may be updated
when you upload new firmware.
Note: First, create a DoS prevention profile in the In the Security Policy > DoS Prevention >
Profile screen. Then, apply the profile to traffic originating from a specific zone in the
Security Policy > DoS Prevention >DoS Prevention Policy screen.
To Next Page
Loading...
