b.hsu Tue, 03/28/2006 - 10:49

You can limit TCP and UDP connections and embryonic connections. Limiting the number of connections and embryonic connections protects you from a DoS attack. The security appliance uses the embryonic limit to trigger TCP Intercept, which protects inside systems from a DoS attack perpetrated by flooding an interface with TCP SYN packets. An embryonic connection is a connection request that has not finished the necessary handshake between source and destination.


TCP normalization is a feature consisting of advanced TCP connection settings designed to drop packets that do not appear normal.


http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080450bf6.html
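
The limits described in the post above, as an added configuration sketch that is not part of the original post: it assumes the ASA Modular Policy Framework syntax, and the ACL, class-map, tcp-map and policy-map names, the 192.0.2.10 server address, the interface name `outside` and the numeric limits are all constructed placeholders to be tuned to the protected server's real load.

```cisco
! Constructed example: names, address and limits are placeholders.
! Select the traffic to protect (TCP to a published web server).
access-list WEB_SYN_PROTECT extended permit tcp any host 192.0.2.10 eq www

class-map WEB_SYN_CLASS
 match access-list WEB_SYN_PROTECT

! TCP normalization: drop segments that do not look normal.
tcp-map WEB_NORMALIZE
 checksum-verification
 check-retransmission

policy-map OUTSIDE_CONN_LIMITS
 class WEB_SYN_CLASS
  ! conn-max caps total simultaneous connections for the class.
  ! embryonic-conn-max caps half-open (handshake not finished)
  ! connections; exceeding it triggers TCP Intercept.
  set connection conn-max 1000 embryonic-conn-max 100
  ! Attach the normalization settings to the same traffic class.
  set connection advanced-options WEB_NORMALIZE

! Apply the policy to the interface that faces the untrusted network.
service-policy OUTSIDE_CONN_LIMITS interface outside
```

After applying it, `show service-policy` reports the current connection and embryonic counts against the configured limits, which is the quickest check that the class is matching the intended traffic.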
