3-1
3
Virus Throttling
Contents
Overview of Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
General Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5
Filtering Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5
Sensitivity to Connection Rate Detection . . . . . . . . . . . . . . . . . . . . 3-5
Application Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6
Operating Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
Unblocking a Currently Blocked Host . . . . . . . . . . . . . . . . . . . . . . 3-7
General Configuration Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
For a network that is relatively attack-free: . . . . . . . . . . . . . . . . . . . . . 3-8
For a network that appears to be under significant attack: . . . . . . . . . 3-9
Configuring Connection-Rate Filtering . . . . . . . . . . . . . . . . . . . . . . . . 3-10
Global and Per-Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10
Enabling Connection-Rate Filtering and Configuring Sensitivity . . .
3-11
Configuring the Per-Port Filtering Mode . . . . . . . . . . . . . . . . . . . 3-12
Example of a Basic Connection-Rate Filtering Configuration . . 3-13
Viewing and Managing Connection-Rate Status . . . . . . . . . . . . . . . . . 3-15
Viewing Connection-Rate Configuration . . . . . . . . . . . . . . . . . . . 3-15
Listing Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17
Unblocking Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . 3-18
Configuring and Applying Connection-Rate ACLs . . . . . . . . . . . . . . 3-19
Connection-Rate ACL Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
Configuring a Connection-Rate ACL Using
Source IP Address Criteria . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21
Configuring a Connection-Rate ACL Using UDP/TCP Criteria . . . . . 3-23
Applying Connection-Rate ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26
Using CIDR Notation To Enter the ACE Mask . . . . . . . . . . . . . . . . . . 3-26
Comments to this Manuals