Configure SCTP INIT Flood Protection
Expand all | Collapse all
Configure SCTP INIT Flood Protection
Protect a zone against flooding of SCTP INIT packets
by creating a zone protection profile.
Configure zone protection to protect a zone
against flooding of SCTP INIT packets. When you
Configure
SCTP Security (enable SCTP), the option to protect against
a flood of SCTP INIT packets becomes available.
Create a Zone Protection profile to protect against
flooding of SCTP INIT packets.
Select and enable
(select)
SCTP INIT
.
Specify the threshold
Alarm Rate
(cps)
of SCTP INIT packets (not matching an existing session) for the
zone, above which the firewall generates an alert. You can view
alerts on the Dashboard and in the threat log (range is 0 to 2,000,000).
The default varies per firewall model as follows:
Specify the threshold rate (cps) of SCTP INIT packets
(not matching an existing session) for the zone, above which the
firewall will
Activate
the behavior to drop
subsequent SCTP INIT packets. The firewall uses an algorithm to
progressively drop more packets as the rate increases until the
rate reaches the Maximum rate. The firewall stops dropping SCTP
INIT packets if the incoming rate drops below the Activate threshold
(range is 1 to 2,000,000; the default varies per firewall model
as specified above for the
Alarm Rate
action).
Specify the
Maximum
rate (cps)
of SCTP INIT packets (not matching an existing session) allowed
for the zone. When the threshold is exceeded, new connections that
arrive are dropped (range is 1 to 2,000,000). The default varies
per firewall model as follows:
The Zone Protection profile summary includes a column
that indicates whether SCTP INIT Flood protection is enabled.
Apply the Zone Protection profile to a zone.
For the
Zone Protection Profile
,
select the profile you just created.