Cisco Systems 200 Switch User Manual


 
Security
Denial of Service Prevention
Cisco Small Business 200 Series Smart Switch Administration Guide, page 273
17
All other DoS Prevention features are disabled by default.
Configuring DoS Prevention
The following pages are used to configure this feature.
Security Suite Settings
To configure DoS Prevention global settings and monitor SCT:
STEP 1 Click Security > Denial of Service Prevention > Security Suite Settings. The Security Suite Settings page displays.
CPU Protection Mechanism: Enabled indicates that SCT is enabled.
STEP 2 Click Details beside CPU Utilization to go to the CPU Utilization page and view CPU resource utilization information.
STEP 3 Click Edit beside TCP SYN Protection to go to the SYN Protection page and enable this feature.
SYN Protection
The network ports might be used by hackers to attack the device in a SYN attack, which consumes TCP resources (buffers) and CPU power.
Since the CPU is protected using SCT, TCP traffic to the CPU is limited. However, if one or more ports are attacked with a high rate of SYN packets, the CPU receives only the attacker's packets, thus creating a denial of service.
When using the SYN protection feature, the CPU counts the SYN packets ingressing from each network port to the CPU per second.
If the number is higher than the threshold, a SYSLOG message is generated, but the packets are not blocked.
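The per-port, per-second SYN counting described above, together with the SYN+FIN flag check that the Block SYN-FIN Packets setting refers to, modelled as an added Python example. This is not Cisco firmware or configuration: the threshold of 5 SYN/s, the port names gi1 to gi3, the log text, and the decision to drop SYN+FIN segments are constructed for the illustration, and the rate counter follows the guide in only logging, never blocking, when the threshold is exceeded.

```python
"""Functional model of the SYN-protection behaviour described in the guide.
Added illustration, not Cisco code; thresholds, port names and log text are constructed."""
from collections import defaultdict
import struct

# TCP control bits (RFC 793), as found in the flags byte of the header.
TCP_FIN = 0x01
TCP_SYN = 0x02
TCP_ACK = 0x10

# Constructed threshold for the example; the guide does not state the default here.
SYN_THRESHOLD_PER_SEC = 5


def make_tcp(flags: int, sport: int = 40000, dport: int = 22) -> bytes:
    """Build a minimal 20-byte TCP header carrying the given flags (constructed input)."""
    data_offset = 5 << 4  # header length of 5 x 32-bit words, no options
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, data_offset, flags, 65535, 0, 0)


def tcp_flags(segment: bytes) -> int:
    """Return the flags byte of a raw TCP header (byte 13)."""
    if len(segment) < 20:
        raise ValueError("TCP header too short")
    return segment[13]


def is_syn_fin(segment: bytes) -> bool:
    """True when SYN and FIN are both set, the combination Block SYN-FIN Packets acts on."""
    return tcp_flags(segment) & (TCP_SYN | TCP_FIN) == (TCP_SYN | TCP_FIN)


def is_connection_syn(segment: bytes) -> bool:
    """True for a connection-opening SYN (SYN set, ACK clear).
    Assumption: SYN/ACK replies are not counted toward the per-port rate."""
    flags = tcp_flags(segment)
    return bool(flags & TCP_SYN) and not flags & TCP_ACK


class SynProtectionMonitor:
    """Counts CPU-bound SYNs per ingress port per second and logs when the threshold is crossed."""

    def __init__(self, threshold: int = SYN_THRESHOLD_PER_SEC, block_syn_fin: bool = True):
        self.threshold = threshold
        self.block_syn_fin = block_syn_fin
        self.syn_counts = defaultdict(int)  # (port, whole second) -> SYN count
        self.alerted = set()                # (port, second) pairs already logged once
        self.syslog = []                    # messages the switch would emit

    def observe(self, port: str, ts: float, segment: bytes) -> bool:
        """Handle one CPU-bound TCP segment. Returns True if it is delivered to the CPU."""
        if self.block_syn_fin and is_syn_fin(segment):
            # Constructed behaviour: log the illegal combination and drop the segment.
            self.syslog.append(f"{port}: TCP segment with SYN and FIN set detected, dropped")
            return False
        if is_connection_syn(segment):
            key = (port, int(ts))
            self.syn_counts[key] += 1
            if self.syn_counts[key] > self.threshold and key not in self.alerted:
                self.alerted.add(key)
                self.syslog.append(
                    f"{port}: SYN rate exceeded {self.threshold} packets/s in second {int(ts)}"
                )
        # As the guide states, exceeding the rate only logs; the segment is still delivered.
        return True


def run_demo() -> SynProtectionMonitor:
    """Replay constructed traffic: a burst on gi1, normal load on gi2, one SYN+FIN on gi3."""
    mon = SynProtectionMonitor()
    for i in range(8):                                    # 8 SYNs within the same second
        mon.observe("gi1", 0.1 * i, make_tcp(TCP_SYN))
    mon.observe("gi2", 0.5, make_tcp(TCP_SYN))            # single SYN, under threshold
    mon.observe("gi2", 0.6, make_tcp(TCP_SYN | TCP_ACK))  # SYN/ACK reply, not counted
    mon.observe("gi3", 0.7, make_tcp(TCP_SYN | TCP_FIN))  # illegal flag combination
    return mon


if __name__ == "__main__":
    for line in run_demo().syslog:
        print(line)
```

Running the demo produces two log lines: one rate alert for gi1 once its sixth SYN in the same second crosses the threshold, and one SYN+FIN detection for gi3; gi2 stays quiet because a single SYN is under the threshold and the SYN/ACK is not counted. The `alerted` set keeps the monitor from emitting one message per excess packet, which matters during a real burst where the log channel itself is a CPU resource.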
To configure SYN protection:
STEP 1 Click Security > Denial of Service Prevention > SYN Protection.
STEP 2 Enter the parameters.
Block SYN-FIN Packets—Select to enable the feature. If TCP packets with both SYN and FIN flags are detected, a SYSLOG message is generated.
SYN Protection Mode—Select between three modes: