While you have the signature that protects against 'synflood attacks' enabled,
it will only effectively block synflood traffic if the parameter
'pam.tcp.synflood.protection' is configured with a value of 'true'.
There are a couple of other tuning parameters available to more granularly configure the synflood protection.
Advanced tuning parameters:
pam.tcp.synflood.protection.untrusted.rate
pam.tcp.synflood.protection.duplicatesyn.retransmit
pam.tcp.synflood.protection.duplicatesyn.timeout
pam.tcp.synflood.protection.duplicatesyn.enabled
pam.tcp.synflood.protection
pam.tcp.synflood.custom.limit
pam.tcp.synflood.custom
pam.tcp.synflood.size
pam.tcp.synflood.limit
To fine-tune your config, make sure that you specifically include these parameters in the local tuning section of the G
NAME=pam.tcp.synflood.protection
VALUE=true
NAME=pam.tcp.synflood.limit
VALUE=1000
You can then modify the limit parameter to suit your needs, depending on network conditions.
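The check described above (signature enabled, but no blocking unless 'pam.tcp.synflood.protection' is 'true') can be run over a copy of the tuning pairs. This is an added example, not code from the product or the original post; it assumes the pairs are available as plain text in the NAME=/VALUE= layout shown above, and that the limit should be a positive integer.

```python
# Added example: audit NAME=/VALUE= tuning pairs for the synflood settings.
# Assumption: the pairs are available as plain text in the layout shown above.

PROTECTION = "pam.tcp.synflood.protection"
LIMIT = "pam.tcp.synflood.limit"


def parse_pairs(text):
    """Return {name: value} from alternating NAME=/VALUE= lines; last one wins."""
    params, pending = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("NAME="):
            pending = line[len("NAME="):].strip()
            params[pending] = None  # name seen, but no VALUE line yet
        elif line.startswith("VALUE=") and pending is not None:
            params[pending] = line[len("VALUE="):].strip()
            pending = None
    return params


def audit(text):
    """Return a list of findings; an empty list means both settings look sane."""
    params = parse_pairs(text)
    findings = []
    value = params.get(PROTECTION)
    if value is None:
        findings.append(f"{PROTECTION} is not set: the signature alone will not block")
    elif value != "true":
        findings.append(f"{PROTECTION}={value!r}: expected 'true'")
    limit = params.get(LIMIT)
    # Assumption: the limit is meant to be a positive integer (the post uses 1000).
    if limit is not None and not (limit.isdigit() and int(limit) > 0):
        findings.append(f"{LIMIT}={limit!r} is not a positive integer")
    return findings


# Constructed sample input, not taken from a real appliance.
SAMPLE_OK = """NAME=pam.tcp.synflood.protection
VALUE=true
NAME=pam.tcp.synflood.limit
VALUE=1000
"""
SAMPLE_BAD = """NAME=pam.tcp.synflood.limit
VALUE=1k
"""

if __name__ == "__main__":
    for label, sample in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(label, audit(sample) or "no findings")
```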