[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Enabling UDP Flood Protection

UDP flooding occurs when an attacker sends IP packets containing UDP datagrams with the purpose of slowing down the victim to the point that the victim can no longer handle valid connections.

Before You Begin

For background information, read Understanding UDP Flood Attacks.

You can use either J-Web or the CLI configuration editor to enable UDP flood protection. The specified zone is where a flood might originate.

Note: The value unit is UDP packets per second. The default value is 1000 packets per second.

This topic covers:

J-Web Configuration

To configure zones:

  1. Select Configure>CLI Tools>Point and Click CLI.
  2. Next to Security, click Configure or Edit.
  3. Next to Zones, click Configure.
  4. Next to Security zone, click Add new entry.
  5. In the Name box, type external.
  6. In the Screen box, type external-udp-flood and click OK.
  7. To save and commit the configuration, click Commit.

To configure screens:

  1. Select Configure>CLI Tools>Point and Click CLI.
  2. Next to Security, click Configure or Edit.
  3. Next to Screen, click Configure.
  4. Next to Ids option, click Add new entry.
  5. In the Name box, type 1000-udp-flood.
  6. Next to Udp, click Configure.
  7. Next to Flood, select the check box and click Configure.
  8. In the Threshold box, type 1000 and click OK.
  9. To save and commit the configuration, click Commit.

CLI Configuration

user@host# set security zones security-zone external screen external-udp-flood
user@host# set security screen ids-option 1000-udp-flood udp flood threshold 1000

Related Topics


[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]