User's Manual
Table Of Contents
Industrial VPN Security Gateway
IVR-100_IVR-300 Series
- 91 -
Object
Description
SPI Firewall
The SPI Firewall prevents attack and improper access to network
resources.
The default configuration is enabled.
Block SYN Flood
SYN Flood is a popular attack way. DoS and DDoS are TCP
protocols. Hackers like to use this method to make a fake connection
that involves the CPU, memory, and so on.
The default configuration is enabled.
Block FIN Flood
If the function is enabled, when the number of the current FIN
packets is beyond the set value, the VPN Security Gateway will start
the blocking function immediately.
The default configuration is disabled.
Block UDP Flood
If the function is enabled, when the number of the current
UPD-FLOOD packets is beyond the set value, the VPN Security
Gateway will start the blocking function immediately.
The default configuration is disabled.
Block ICMP Flood
ICMP is kind of a pack of TCP/IP; its important function is to transfer
simple signal on the Internet. There are two normal attack ways
which hackers like to use, Ping of Death and Smurf attack.
The default configuration is disabled.
IP TearDrop
If the function is enabled, the VPN Security Gateway will block
Teardrop attack that is targeting on TCP/IP fragmentation
reassembly codes.
Ping Of Death
If the function is enabled, the VPN Security Gateway will block Ping
of Death attack that aims to disrupt a targeted machine by sending a
packet larger than the maximum allowable size causing the target
machine to freeze or crash.
Block WAN Ping
Enable the function to allow the Ping access from the Internet
network.
The default configuration is disabled.
Remote Management
Enable the function to allow the web server access of the VPN
Security Gateway from the Internet network.
The default configuration is disabled.