Prevent TCP Split Handshake Session Establishment

You can configure a TCP Split Handshake Drop in a Zone Protection profile to prevent TCP sessions from being established unless they use the standard three-way handshake. This task assumes that you assigned a security zone for the interface where you want to prevent TCP split handshakes from establishing a session.
  1. Configure a Zone Protection profile to prevent TCP sessions that use anything other than a three-way handshake to establish a session.
    1. Select NetworkNetwork ProfilesZone Protection and Add a new profile (or select an existing profile).
    2. If creating a new profile, enter a Name for the profile and an optional Description.
    3. Select Packet Based Attack ProtectionTCP Drop and select Split Handshake.
    4. Click OK.
  2. Apply the profile to one or more security zones.
    1. Select NetworkZones and select the zone where you want to assign the zone protection profile.
    2. In the Zone window, from the Zone Protection Profile drop-down, select the profile you configured in the previous step.
      Alternatively, you could start creating a new profile here by clicking Zone Protection Profile, in which case you would continue accordingly.
    3. Click OK.
    4. (Optional) Repeat steps 1-3 to apply the profile to additional zones.
  3. Commit your changes.
    Click OK and Commit.

Related Documentation