User Manual Part 2
Table Of Contents
- Using SmartDefense
- Using Antivirus and Antispam Filtering
- Overview
- Using VStream Antivirus
- Using VStream Antispam
- How VStream Antispam Works
- Header Marking
- Default Antispam Policy
- Enabling/Disabling VStream Antispam
- Viewing VStream Antispam Statistics
- Configuring the Content Based Antispam Engine
- Configuring the Block List Engine
- Configuring the IP Reputation Engine
- Configuring the VStream Antispam Policy
- Configuring the Safe Sender List
- Configuring VStream Antispam Advanced Settings
- Using Centralized Email Filtering
- Using Web Content Filtering
- Updating the Firmware
- Using Subscription Services
- Working With VPNs
- Overview
- Setting Up Your Safe@Office Appliance as a VPN Server
- Adding and Editing VPN Sites
- Viewing and Deleting VPN Sites
- Enabling/Disabling a VPN Site
- Logging in to a Remote Access VPN Site
- Logging Out of a Remote Access VPN Site
- Using Certificates
- Viewing VPN Tunnels
- Viewing IKE Traces for VPN Connections
- Viewing VPN Topology
- Managing Users
- Using Remote Desktop
- Controlling the Appliance via the Command Line
- Maintenance
- Viewing Firmware Status
- Upgrading Your Software Product
- Configuring a Gateway Hostname
- Configuring Syslog Logging
- Configuring HTTPS
- Configuring SNMP
- Setting the Time on the Appliance
- Using Diagnostic Tools
- Backing Up and Restoring the Safe@Office Appliance Configuration
- Using Rapid Deployment
- Resetting the Safe@Office Appliance to Defaults
- Running Diagnostics
- Rebooting the Safe@Office Appliance
- Using Network Printers
- Troubleshooting
- Specifications
- Glossary of Terms
- Index
SmartDefense Categories
Chapter 14: Using SmartDefense 437
TCP
This category allows you to configure various protections related to the TCP protocol. It
includes the following:
• Flags on page 443
• Sequence Ve
rifier on page 442
• Small PMTU on page 438
• Strict TCP on page 437
• SynDefender on page 440
Strict TCP
Out-of-state TCP packets are SYN-ACK or data packets that arrive out of order, before the
TCP SYN packet.
Note: In normal conditions, out-of-state TCP packets can occur after the
Safe@Office restarts, since connections which were established prior to the reboot
are unknown. This is normal and does not indicate an attack.
Note: Certain SmartDefense protections implicitly apply the Strict TCP protection to
relevant connections. In such cases, "TCP Out-of-State" log messages may appear
in the Security Log, even though the Strict TCP protection is disabled.
You can configure how out-of-state TCP packets should be handled.