Our SA540 is showing a lot of records (more than 1 per second) for WAN_PING from all over the world. It is dropping the connection for them. I know there are script kiddies and real deal hackers out there spoofing IP addresses from all over the world and pinging random hosts to pinpoint targets. However, I am wondering how many of you actually have seen it this much? And when you did, what steps did you take to ensure security?
Also, I am not aware if SA540 has hosts.deny type of thing. If I could automatically deny connections to these hosts for let's say 5 minutes, that would slow them down and will help me better secure my environment.
Article ID:3091 Reboot and Factory Default Reset on ISA500 Series
Integrated Security Appliances Objective Reboot or restart of the
network device is made when certain changes in the settings need reboot
or if the device is frozen. The configuration setti...
Article ID:3403 WAN Quality of Service (QoS) Policy Profiles Settings on
ISA500 Series Integrated Security Appliances Objective Wide Area Network
(WAN) Quality of Service (QoS) policy profiles manage traffic through
classed-based profiles. These profiles ...
Article ID:2922 Cisco QuickVPN Installation Tips for Windows Operating
Systems For a video showing installation tips on Quick VPN, visit
http://youtu.be/hHu2z6A78N8 Objective Cisco QuickVPN is a free software
designed for remote access to a network. It is...