D-Link DFL-2400 [62/112] Define policy actions

D-Link DFL-2400 [62/112] Define policy actions
DFL-2100/DFL-2400 Intrusion Detection System User Manual
5
2
Figure 5-14: The DDoS Parameters Setup
Define Policy Actions
The final procedure to edit a policy is to define what kind of action will be applied
when this policy conditions are matched. There are several actions are available:
1. Alarm by Email: the DFL-2100/DFL-2400 will send a mail contain the
information of this attack to the email addresses of administrators defined
in email trap instantly.
2. Log: the attack will be logged and managed by DFL-2100/ DFL-2400
Reporting System.
3. Block Packet: this attack packet would be dropped.
4. Block Connection: this attack packet would be dropped and its connection
would be cut off.
5. Log packet headers: this attack packet header (the first 64 bytes) will be
logged.
Figure 5-15:The Actions Setup
Tip If you got a lot of false alarm of DDoS attack, you could try
to lower this value. But before doing this, you had better
check the DFL-2100/DFL-2400 Reporting System and
inspect the logged packet headers. That makes sure that
they are really false alarm or not.

Содержание

Скачать