Configure SCTP INIT Flood Protection

Protect a zone against a flood of SCTP INIT packets by creating a Zone Protection profile and applying it to the zone. The option to protect against a flood of SCTP INIT packets becomes available when you Configure SCTP Security (enable SCTP).
  1. Create a Zone Protection profile to protect against flooding of SCTP INIT packets.
    1. Select Network > Network Profiles > Zone Protection > Flood Protection and enable (select) SCTP INIT.
    2. Specify the threshold Alarm Rate (cps) of SCTP INIT packets (not matching an existing session) for the zone, above which the firewall generates an alert (range is 0 to 2,000,000). You can view alerts on the Dashboard and in the threat log. The default varies per firewall model as follows:
      • PA-5280: 10,000
      • PA-5260: 7,000
      • PA-5250: 5,000
      • PA-5220: 3,000
      • VM-Series: 1,000
    3. Specify the threshold rate (cps) of SCTP INIT packets (not matching an existing session) for the zone, above which the firewall will Activate the behavior to drop subsequent SCTP INIT packets. The firewall uses an algorithm to progressively drop more packets as the rate increases until the rate reaches the Maximum rate. The firewall stops dropping SCTP INIT packets if the incoming rate drops below the Activate threshold (range is 1 to 2,000,000; the default varies per firewall model as specified above for the Alarm Rate action).
    4. Specify the Maximum rate (cps) of SCTP INIT packets (not matching an existing session) allowed for the zone. When the threshold is exceeded, new connections that arrive are dropped (range is 1 to 2,000,000). The default varies per firewall model as follows:
      • PA-5280: 20,000
      • PA-5260: 14,000
      • PA-5250: 10,000
      • PA-5220: 6,000
      • VM-Series: 2,000
    5. Click OK.
      The Zone Protection profile summary includes a column that indicates whether SCTP INIT Flood protection is enabled.
  2. Apply the Zone Protection profile to a zone.
    1. Select Network > Zones and select a zone or Configure Interfaces and Zones to configure a new zone.
    2. For the Zone Protection Profile, select the profile you just created.
    3. Click OK.
  3. Commit your changes.
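
The following added example (not code from this page or from the firewall vendor) models how the Alarm Rate, Activate and Maximum thresholds interact, so proposed values can be checked against a measured SCTP INIT baseline before you commit. The linear drop ramp between Activate and Maximum, the ordering checks and the sample rates are assumptions made for illustration; the page does not specify the firewall's drop algorithm.

```python
# Added example: model of the three SCTP INIT flood thresholds described above.
# Valid ranges (cps) as stated on the page.
RANGES = {"alarm": (0, 2_000_000), "activate": (1, 2_000_000),
          "maximum": (1, 2_000_000)}

# Per-model defaults from the page: (alarm, activate, maximum) in cps.
# Activate defaults equal the Alarm Rate defaults, per step 3.
DEFAULTS = {
    "PA-5280": (10_000, 10_000, 20_000),
    "PA-5260": (7_000, 7_000, 14_000),
    "PA-5250": (5_000, 5_000, 10_000),
    "PA-5220": (3_000, 3_000, 6_000),
    "VM-Series": (1_000, 1_000, 2_000),
}


def validate(alarm, activate, maximum):
    """Return a list of problems with a proposed threshold set (empty if OK)."""
    problems = []
    for name, value in (("alarm", alarm), ("activate", activate),
                        ("maximum", maximum)):
        lo, hi = RANGES[name]
        if not lo <= value <= hi:
            problems.append(f"{name}={value} outside {lo}..{hi}")
    # Ordering checks are sanity checks added by this example (assumption),
    # not constraints stated on the page.
    if activate > maximum:
        problems.append("activate exceeds maximum: no progressive-drop band")
    if alarm > activate:
        problems.append("alarm exceeds activate: drops start before any alert")
    return problems


def evaluate(rate, alarm, activate, maximum):
    """Classify one per-second INIT rate: (alert_raised, modelled_drop_fraction)."""
    alert = rate > alarm
    if rate <= activate:
        return alert, 0.0
    if rate > maximum:
        return alert, 1.0  # page: new connections that arrive are dropped
    # ASSUMPTION: linear ramp; the page only says drops increase progressively.
    return alert, (rate - activate) / (maximum - activate)


if __name__ == "__main__":
    observed = [200, 900, 1_200, 1_500, 2_000, 2_500, 800]  # constructed sample
    thresholds = DEFAULTS["VM-Series"]
    print(validate(*thresholds) or "thresholds OK")
    for rate in observed:
        print(rate, evaluate(rate, *thresholds))
```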
