Prevent TCP Split Handshake Session Establishment

You can configure a TCP Split Handshake Drop in a Zone Protection profile to prevent TCP sessions from being established unless they use the standard three-way handshake. This task assumes that you assigned a security zone for the interface where you want to prevent TCP split handshakes from establishing a session.
  1. Configure a Zone Protection profile to prevent TCP sessions that use anything other than a three-way handshake to establish a session.
    1. Select
      Network
      Network Profiles
      Zone Protection
      and click
      Add
      to create a new profile (or select an existing profile).
    2. If creating a new profile, enter a
      Name
      for the profile and an optional
      Description
      .
    3. Select
      Packet Based Attack Protection
      TCP Drop
      and select
      Split Handshake
      .
    4. Click
      OK
      .
  2. Apply the profile to one or more security zones.
    1. Select
      Network
      Zones
      and select the zone where you want to assign the zone protection profile.
    2. In the Zone window, from the
      Zone Protection Profile
      drop-down, select the profile you configured in the previous step.
      Alternatively, you could start creating a new profile here by clicking
      Zone Protection Profile
      , in which case you would continue accordingly.
    3. Click
      OK
      .
    4. (
      Optional
      ) Repeat steps 1-3 to apply the profile to additional zones.
  3. Save the configuration.
    Click
    OK
    and
    Commit
    .

Related Documentation