User Manual Part 2
Table Of Contents
- Using SmartDefense
- Using Antivirus and Antispam Filtering
- Overview
- Using VStream Antivirus
- Using VStream Antispam
- How VStream Antispam Works
- Header Marking
- Default Antispam Policy
- Enabling/Disabling VStream Antispam
- Viewing VStream Antispam Statistics
- Configuring the Content Based Antispam Engine
- Configuring the Block List Engine
- Configuring the IP Reputation Engine
- Configuring the VStream Antispam Policy
- Configuring the Safe Sender List
- Configuring VStream Antispam Advanced Settings
- Using Centralized Email Filtering
- Using Web Content Filtering
- Updating the Firmware
- Using Subscription Services
- Working With VPNs
- Overview
- Setting Up Your Safe@Office Appliance as a VPN Server
- Adding and Editing VPN Sites
- Viewing and Deleting VPN Sites
- Enabling/Disabling a VPN Site
- Logging in to a Remote Access VPN Site
- Logging Out of a Remote Access VPN Site
- Using Certificates
- Viewing VPN Tunnels
- Viewing IKE Traces for VPN Connections
- Viewing VPN Topology
- Managing Users
- Using Remote Desktop
- Controlling the Appliance via the Command Line
- Maintenance
- Viewing Firmware Status
- Upgrading Your Software Product
- Configuring a Gateway Hostname
- Configuring Syslog Logging
- Configuring HTTPS
- Configuring SNMP
- Setting the Time on the Appliance
- Using Diagnostic Tools
- Backing Up and Restoring the Safe@Office Appliance Configuration
- Using Rapid Deployment
- Resetting the Safe@Office Appliance to Defaults
- Running Diagnostics
- Rebooting the Safe@Office Appliance
- Using Network Printers
- Troubleshooting
- Specifications
- Glossary of Terms
- Index
SmartDefense Categories
Chapter 14: Using SmartDefense 423
Table 71: LAND Fields
In this field… Do this…
Action Specify what action to take when a LAND attack occurs, by selecting one of
the following:
• Block. Block the attack. This is the default.
• None. No action.
Track Specify whether to log LAND attacks, by selecting one of the following:
• Log. Log the attack. This is the default.
• None. Do not log the attack.
Non-TCP Flooding
Advanced firewalls maintain state information about connections in a State table. In Non-
TCP Flooding attacks, the attacker sends high volumes of non-TCP traffic. Since such
traffic is connectionless, the related state information cannot be cleared or reset, and the
firewall State table is quickly filled up. This prevents the firewall from accepting new
connections and results in a Denial of Service (DoS).
You can protect against Non-TCP Flooding attacks by limiting the percentage of state table
capacity used for non-TCP connections.