User guide
RG Internet Profile Creating RG Profiles with Field Descriptions
AlliedView NMS Administration Guide (Provisioning the iMG/RG)
IDS parameters Whether IDS is Enabled or Disabled. If Enabled, the IDS Parameters window is activated.
Note: IDS parameters can be datafilled and enabled regardless of
whether the Firewall feature is enabled, since IDS applies to
the iMG/RG, and is not associated with specific Firewall
attributes.
- IDS Blacklist - Enabled or Disabled - Blacklisting denies an external host access to
the system if IDS has detected an intrusion from that host. Access to the network is
denied for ten minutes.
- IDS Victim Protection - Enabled or Disabled - This protects the system against
broadcast pings with a spoofed source address. Packets are blocked for a specified
duration (600 minutes by default; can be changed using the Duration field below).
- IDS DOS Attack Block Duration - A DOS attack is an attempt by an attacker to
prevent legitimate users from using a service. If a DOS attack is detected, all
suspicious hosts are blocked for a set time limit. Default is 1800 seconds (30 minutes).
- IDS Scan Attack Block Duration - If hosts are blocked, sets the duration of the
block time limit.
- IDS Victim Protection Block Duration - If victim protection is enabled, specifies
the duration of the block.
- Max. TCP Open Handshaking Count - The maximum number of unfinished TCP
handshakes allowed before a flood is detected. See Note below.
- Max. Ping Count - The maximum number of pings allowed before an echo storm is
detected. See Note below.
- Max. ICMP Count - The maximum number of ICMP packets allowed before a
flood is detected. See Note below.
Note: For the Max. parameters above, the attacker is blocked by the time defined
in the IDS DOS Attack Block Duration field.
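The way the three Max. counters feed the single IDS DOS Attack Block Duration, as an added Python model (not AlliedView or iMG/RG code). It assumes counters are kept per source host, that a flood is declared when a counter exceeds its limit, and that pings and other ICMP packets are counted separately; the limits and the address are constructed.

```python
from collections import defaultdict

DOS_BLOCK_SECONDS = 1800  # page default for IDS DOS Attack Block Duration


class FloodModel:
    """Toy model: per-source counters that all share one DoS block timer."""

    def __init__(self, max_tcp_open, max_ping, max_icmp,
                 block_seconds=DOS_BLOCK_SECONDS):
        self.limits = {"tcp_open": max_tcp_open, "ping": max_ping, "icmp": max_icmp}
        self.block_seconds = block_seconds
        self.counts = defaultdict(lambda: defaultdict(int))  # src -> kind -> count
        self.blocked_until = {}                              # src -> expiry time

    def observe(self, now, src, kind):
        """Return 'blocked', 'flood' (limit just exceeded) or 'pass'."""
        if self.blocked_until.get(src, 0) > now:
            return "blocked"
        if src in self.blocked_until:       # block expired: count afresh
            del self.blocked_until[src]
            self.counts.pop(src, None)
        self.counts[src][kind] += 1
        if self.counts[src][kind] > self.limits[kind]:
            # Whichever counter trips, the same block duration applies.
            self.blocked_until[src] = now + self.block_seconds
            return "flood"
        return "pass"

    def handshake_completed(self, src):
        """A finished handshake no longer counts as unfinished."""
        if self.counts[src]["tcp_open"] > 0:
            self.counts[src]["tcp_open"] -= 1


def demo():
    ids = FloodModel(max_tcp_open=3, max_ping=2, max_icmp=5)  # constructed limits
    src = "192.0.2.10"                                        # constructed address
    results = [ids.observe(t, src, "tcp_open") for t in range(5)]
    # The block set at t=3 covers every packet type until it expires.
    results.append(ids.observe(3 + DOS_BLOCK_SECONDS - 1, src, "ping"))
    results.append(ids.observe(3 + DOS_BLOCK_SECONDS, src, "ping"))
    return results


if __name__ == "__main__":
    print(demo())
```

When tuning a profile, the point to check is that a low Max. value combined with a long block duration also locks out a legitimate host that briefly exceeds the limit.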
TABLE 7-11 Create RG Internet Profile Firewall Tab
Attribute Value