Specifications
Issue 1.0, April 2006 Section 364-180-N02
©2006 Charles Industries, Ltd.
All rights reserved. Printed in United States of America.
84
Configuring Intrusion Detection Settings
Intrusion Detection settings allow you to protect your network from intrusions such as denial of
service (DOS) attacks, port scanning and web spoofing. This section assumes that you have
followed the instructions in Enabling Security and Enabling Firewall
and/or Intrusion Detection.
To configure Intrusion Detection settings:
1. Go to the Policies, Triggers and Intrusion Detection section of the Security Interface
Configuration page. Click on Configure Intrusion Detection. The “Firewall Configure Intrusion
Detection” page is displayed:
Figure 6-56 Web Tool – Security: Firewall Configuration Intrusion Detection page
2. Configure Intrusion Detection as follows:
Use Blacklist; select true or false depending on whether you want external hosts to be blacklisted
if the Firewall detects an intrusion from that host. Click on the Clear Blacklist button at the
bottom of the page to clear blacklisting of an external host. The Security Interface Configuration
page is displayed.
Use Victim Protection; select true or false depending on whether you want to protect a victim
from an attempted web spoofing attack.
DOS Attack Block Duration; type the length of time (in seconds) that the Firewall blocks
suspicious hosts for once a DOS attack attempt has been detected.
Scan Attack Block Duration; type the length of time (in seconds) that the Firewall blocks
suspicious hosts for after it has detected scan activity.
The availability of features and technical specifications herein subject to change without notice.