Support User Manuals

ZyXEL Communications 794M Network Card User Manual

Open as PDF

of 119

Prestige 794M User’s Guide

73 Chapter 6 Firewall

The following table describes the labels in this screen.

Note: For SYN Flood, ICMP Echo Storm and ICMP flood attacks, the Prestige logs

the event in the Event Log screen. The Prestige cannot prevent such attacks

from occurring.

6.6 URL Filter

URL (Uniform Resource Locator) filtering allows you to create and enforce Internet access

policies tailored to your needs. URL filtering gives you the ability to block web sites that

contain key words (that you specify) in the web address (such as www.xxx.com). You can set

a schedule for when the Prestige performs content filtering.

Note: URL filter blocks web browser (HTTP) connection attempts using port 80 only.

Click Configuration, Firewall and URL Filter in the navigation panel to display the screen

as shown next.

Table 35 Firewall: Intrusion Detection

LABEL DESCRIPTION

Intrusion Detection Select Enable to activate this feature.

Select Disable to deactivate this feature.

Victim Protection

Block Duration

Specify the time period (in seconds) the Prestige blocks any Smurf attacks when

detected.

Scan Attack Block

Duration

Specify the time period (in seconds) the Prestige blocks hosts that attempt a

possible Scan attack. Scan attack types include X’mas scan, IMAP SYN/FIN scan

and similar attempts.

DoS Attack Block

Duration

Specify the time period (in seconds) the Prestige blocks hosts that attempt a

possible Denial of Service (DoS) attack.

Possible DoS attacks this attempts to block include Ascend Kill and WinNuke.

Max TCP Open

Handshaking

Count

This is the rate of new TCP handshake open sessions that causes the firewall to

determine that this is a SYN Flood attack. The Prestige then starts to delete new

sessions.

Max PING Count This is the rate of ICMP echo (or Ping) requests that the Prestige receives per

second. If the current rate is above this number, the firewall decides that this is an

ICMP Echo Storm attack.

Max ICMP Count This is the rate of ICMP packets that the Prestige receives per second. If the

current rate is above this number, the firewall decides that this is an ICMP Flood

attack.

Apply Click Apply to save the settings.

Clear Blacklist Click Clear Blacklist to reset the blacklist.

previous next