- Network > Network Profiles > Zone Protection > Reconnaissance Protection
The following settings define reconnaissance protection:
Zone Protection Profile Settings—Reconnaissance Protection
TCP Port Scan
NetworkNetwork ProfilesZone ProtectionReconnaissance Protection
Enable configures the profile to enable protection against TCP port scans.
UDP Port Scan
Enable configures the profile to enable protection against UDP port scans.
Enable configures the profile to enable protection against host sweeps.
Action that the system will take in response to the corresponding reconnaissance attempt:
Time interval, in seconds, for TCP or UDP port scan detection (range is 2-65,535; default is 2).
Time interval, in seconds, for host sweep detection (range is 2-65,535; default is 10).
Number of scanned port events or host sweep events within the specified time interval that triggers the Action (range is 2-65,535; default is 100).
Source Address Exclusion
IP addresses whitelisted from the reconnaissance protection. The list supports a maximum of 20 IP addresses or Netmask address objects.
Configure Reconnaissance Protection
Configure Reconnaissance Protection Configure one of the following Reconnaissance Protection actions for the firewall to take in response to the corresponding reconnaissance attempt: Allow —The ...
Reconnaissance Protection Similar to the military definition of reconnaissance, the network security definition of reconnaissance is when attackers attempt to gain information about your network’s ...
Reconnaissance Protection Whitelist
Reconnaissance Protection Whitelist While ports scanning can be used for legitimate network monitoring purposes, it can also be used by attackers to search for an ...
Networking Features New Networking Features Description Tunnel Content Inspection The firewall can now inspect the traffic content of cleartext tunnel protocols: Generic Routing Encapsulation (GRE) ...
Zone Defense Tools
Zone Defense Tools Palo Alto Networks firewalls provide three complementary tools to protect the zones in your network: Zone protection profiles defend the zone at ...
Use Templates to Administer a Base Configuration
Use Templates to Administer a Base Configuration The second task in Use Case: Configure Firewalls Using Panorama is to create the templates you will need ...
Networking Features Tunnel Content Inspection Multiprotocol BGP Zone Protection for Multi-path TCP (MPTCP) Evasions Zone Protection for Non-IP Protocols on a Layer 2 VLAN or ...
Zone Protection Profiles
Zone Protection Profiles Apply a zone protection profile to a zone to defend the entire zone based on the aggregate traffic entering the ingress zone: ...
Network > Network Profiles > Zone Protection
Network > Network Profiles > Zone Protection A Zone Protection profile applied to a zone offers protection against most common floods, reconnaissance attacks, other packet-based ...