hi : I have a question in regard to Flood Protection Thresholds under Zone Protection. Do the thresholds for Alert/Activate/Maximum apply to counting SYN packets directed at a partuicular host or to counting SYN packets directed at all the hosts in the protected zone.
The online documentatio specifies "destination" which implies a particular IP while the the Zore Protection Guide specifies "destination zone" which implies something else.
hi : The reason I asked my question was that I thought that SYN flood protection was for individual hosts like web servers rather than protection for a zone. If I set alert/activate/maximum thresholds at 10000/10000/40000 and if these numbers apply to the total number of SYN Flood packets sent to a zone/sec then it does not help me if my web server goes belly up after 9000 SYN flood packets/sec. Thanks.
absolutely, I agee and understand your requirement. I just know PAN is working on this to make it more granular maybe in 4.0 ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!