User's Manual Part 1
Firmware Version 1.0.0.1 UCM6200 Series IP PBX User Manual Page 62 of 320
Click on to edit the rule
Click on
to delete the rule
DYNAMICDEFENSE
Dynamic defense is supported on the UCM6200 series. It can blacklist hosts dynamically when the LAN
mode is set to "Route" under web GUI->Settings->Network Settings->Basic Settings page. If enabled,
the traffic coming into the UCM6200 can be monitored, which helps prevent massive connection attempts
or brute force attacks to the device. The blacklist can be created and updated by the UCM6200 firewall,
which will then be displayed in the web page. Please refer to the following table for dynamic defense
options on the UCM6200.
Table 17: UCM6200 Firewall Dynamic Defense
Dynamic Defense
Enable
Enable dynamic defense. The default setting is disabled.
Periodical Time
Interval
Configure the dynamic defense periodic time interval (in minutes). If the
number of TCP connections from a host exceeds the connection threshold
within this period, this host will be added into Blacklist. The valid value is
between 1 and 59 when dynamic defense is turned on. The default setting is
59.
Blacklist Update
Interval
Configure the blacklist update time interval (in seconds). The default setting is
120.
Connection
Threshold
Configure the connection threshold. Once the number of connections from the
same host reaches the threshold, it will be added into the blacklist. The default
setting is 100.
Dynamic Defense
Whitelist
Configure the dynamic defense whitelist.
For example,
192.168.1.3
192.168.1.4
The following figure shows a configuration example like this:
If a host at IP address 192.168.40.7 initiates more than 20 TCP connections to the UCM6200 within 1
minute, it will be added into UCM6200 blacklist.
This host 192.168.40.7 will be blocked by the UCM6200 for 300 seconds.