Cisco Systems ISA550 Manual De Usuario
Firewall
Configuring Session Limits
Cisco ISA500 Series Integrated Security Appliances Administration Guide
288
6
•
Block Multicast Packets: Check this box to block multicast packets. By
default, the firewall blocks all multicast packets. This feature has higher
priority than the firewall rules, which indicates that the firewall rules that
permit multicast traffic will be overridden if you enable this feature.
default, the firewall blocks all multicast packets. This feature has higher
priority than the firewall rules, which indicates that the firewall rules that
permit multicast traffic will be overridden if you enable this feature.
STEP 5
In the DoS Attacks area, enter the following information:
•
SYN Flood Detect Rate: Enter the maximum number of SYN packets per
second that will cause the security appliance to determine that a SYN Flood
Intrusion is occurring. Enter a value from 0 to 65535 SYN packets per second.
The default value is 128 SYN packets per seconds. A value of zero (0)
indicates that the SYN Flood Detect feature is disabled.
second that will cause the security appliance to determine that a SYN Flood
Intrusion is occurring. Enter a value from 0 to 65535 SYN packets per second.
The default value is 128 SYN packets per seconds. A value of zero (0)
indicates that the SYN Flood Detect feature is disabled.
•
Echo Storm: Enter the number of pings per second that will cause the
security appliance to determine that an echo storm intrusion event is
occurring. Enter a value from 0 to 65535 ping packets per second. The
default value is 15 ping packets per seconds. A value of zero (0) indicates
that the Echo Storm feature is disabled.
security appliance to determine that an echo storm intrusion event is
occurring. Enter a value from 0 to 65535 ping packets per second. The
default value is 15 ping packets per seconds. A value of zero (0) indicates
that the Echo Storm feature is disabled.
•
ICMP Flood: Enter the number of ICMP packets per second, including PING
packets, that will cause the security appliance to determine that an ICMP
flood intrusion event is occurring. Enter a value from 0 to 65535 ICMP
packets per second. The default value is 100 ICMP packets per seconds. A
value of zero (0) indicates that the ICMP Flood feature is disabled.
packets, that will cause the security appliance to determine that an ICMP
flood intrusion event is occurring. Enter a value from 0 to 65535 ICMP
packets per second. The default value is 100 ICMP packets per seconds. A
value of zero (0) indicates that the ICMP Flood feature is disabled.
NOTE: When one of DoS attack levels is exceeded, that kind of traffic will be
dropped.
dropped.
STEP 6
Click Save to apply your settings.
Configuring Session Limits
Use the Session Limits page to configure the maximum number of connection
sessions. When the connection table is full, the new sessions that access the
security appliance are dropped.
sessions. When the connection table is full, the new sessions that access the
security appliance are dropped.
STEP 1
Click Firewall > Session Limits.
STEP 2
Enter the following information:
•
Current All Connections: Displays the total number of current connections.
Click Disconnect All to clean up all connected sessions.
Click Disconnect All to clean up all connected sessions.