Vendor : Cisco Systems
E-mail this page
Related Content
Remember this itemFormat: PDF
Date:
01/10/2006
Tuning Cisco IOS Firewall Denial-of-Service Protection
0
0 votes
Overview
Prior to Cisco IOS Software Release 12.4(11)T, Cisco IOS Firewall provided Denial-of-Service (DoS) attack protection as a default when either Classic or Zone-Based Policy Firewall was applied. Cisco IOS Software Release 12.4(11)T modified the default DoS settings so protection is effectively disabled, but the connection activity counters are still active. This paper provides procedures to tune Cisco IOS Firewall DoS protection values for both Classic and Zone-Based Cisco IOS Firewall. Cisco IOS Firewall maintains counters of the number of "Half-open" TCP connections, as well as the total connection rate through the firewall and intrusion prevention software, in both Classic Firewall (ip inspect) and Zone-Based Policy Firewall.
See also: Denial of Service, Security Tools
Related whitepapers
- Gartner MarketScope for Network Access Control, 2008 brought to you by Sophos
- NAC at the endpoint: Control your network through device compliance
- Enabling the High-Performance Next Generation Firewall
- Secure Computing Case Study: Frontier Airlines
- Microsoft FDCC Webcast Series: Making the Windows Firewall Work in an FDCC Environment
- Moving Toward Network Security and Firewalls for Protecting and Preserving Private Resources on the Internet
- Formal Verification of Firewall Policies
- Novell Zenworks Endpoint Security Management: Total Control from a Single Console
- Secure Desktop On-Demand Webcast
- UTM-1 Adopted for Security Infrastructure of a New Application Services Business
|
|
- ZDNet.com |
- ZDNet Japan |
- ZDNet.de |
- CNET UK |
- CNET.de |
- Tech Republic |
- BNET |
- MP3.com |
- activeTechPros |
- ZDNet UK |
- ZDNet Korea |
- ZDNet France |
- CNET Australia |
- CNET France |
- Download.com |
- Builder |
- GameSpot
- ZDNet Australia |
- ZDNet Taiwan |
- CNET |
- CNET Taiwan |
- News.com |
- Silicon.com |
- TV.com |
- GameSpot Korea
