System information
Configuring Security
Denial of Service Prevention
Cisco Small Business 300 Series Managed Switch Administration Guide 228
16
• Mask—Enter the mask of the IP address to define the range of IP addresses
for which Denial of Service prevention is enabled. The values are:
- Network Mask—Network mask in dotted decimal format.
- Prefix Length—Enter the prefix of the IP address to define the range of
IP addresses for which Denial of Service prevention is enabled.
STEP 5 Click Apply. The Martian addresses are defined, and the switch is updated.
Define SYN Filtering
The
SYN Filtering Page
enables
filtering TCP packets that contain a SYN flag, and
are destined for a specific IP address and/or port.
To define SYN filtering:
STEP 1 Click Security > Denial of Service Prevention > SYN Filtering. The SYN Filtering
Page displays.
This page displays the existing SYN filters.
STEP 2 Click Add. The Add SYN Filtering Page displays.
STEP 3 Enter the parameters.
• Interface—Select the interface on which the filter is defined.
• IPv4 Address—Enter the IP address for which the filter is defined, or select
All Addresses.
• Network Mask—Enter the Network mask for which the filter is enabled in IP
address format.
• TCP Port—Select the destination TCP port being filtered:
- Known Ports—Select a port from the list.
- User Defined—Enter a port number.
- All Ports—Select to indicate that all ports are filtered.
STEP 4 Click Apply. The SYN filter is defined, and the switch is updated.