Planet CS-1000 [202/226] Signature

Multi-Homing Security Gateway User’s Manual

6. Click OK.

7. Enable IDP function in policy.

 When the attack behavior matches the signature, CS-1000 will produce log as follows in Log

function of IDP Report.

3.6.2 Signature

Provide relative compare rule to different attack behavior, include three sections: Anomaly, Pre-defined and

Custom.

Anomaly:

Anomaly signature can allow user to define the signature, in order to detect and prevent the irregular attack

behavior. Take Syn Flood as the example:

Definition:

Enable: Check to enable the protection for Syn Flood signature.

Max. Threshold

□ Pkts / Sec: Configure the value to define the Syn Flood signature.

Blocking Time: Set up the timing to block the attacked connection. The function is available when the

Action sets to Drop.

Action: When the packets match the signature, select Pass to pass the packets, or select Drop to discard

- 196 -