Engine Editor > Advanced Settings > DoS Protection
Use this branch to configure protection that can help prevent Denial of Service (DoS) attacks.
Option | Definition |
---|---|
Rate-Based DoS Protection Mode | Enables or disables DoS protection, which can help prevent Denial of Service (DoS) attacks.
|
SYN Flood Sensitivity | When SYN flood protection is activated, the Secure SD-WAN Engine acts as a SYN proxy. The engine completes the TCP handshake with the
client, and only initiates the connection with the server after the client has completed the TCP handshake.
|
Limit for Half-Open TCP Connections (Optional) |
Set the maximum number of half-open TCP connections per destination IP address. The minimum is 125, the maximum is 100 000. When the limit is exceeded, the SYN flood protection is activated, and log data is generated. |
Slow HTTP Request Sensitivity | The Secure SD-WAN Engine analyzes the data transfer rate and length of time it takes to read the header fields of the HTTP request. If
the sender of the request tries to keep the connection open for an unreasonable length of time, the Secure SD-WAN Engine block lists
the sender’s IP address for a specified length of time.
|
Slow HTTP Request Block list Timeout | The length of time for block listing IP addresses that are suspected of sending malicious traffic. Enter the time in seconds (the default is 300). |
TCP Reset Sensitivity | When enabled, the Secure SD-WAN Engine detects the sequence numbers of the TCP RST segments to determine whether it is under a TCP
Reset attack. You cannot override this setting in individual Access rules
|