4.7.3 Protected Ports. Advantech EKI-7710G-2CI, EKI-7710E-2C, EKI-7710G-2CPI, EKI-7710G-2CP
Add to My manuals156 Pages
advertisement
4.7.3
Protected Ports
The Protected Port page allows you to configure a single or multiple ports as a protected or unprotected type.
To access this page, click
Security
>
Protected Ports
.
Figure 4.58 Security > Protected Ports
The following table describes the items in the previous figure.
Item Description
Port List
Port Type
Apply
Enter the port number to designate for the Protected Port setting.
Select
Unprotected
or
Protected
to define the port type.
Click
Apply
to save the values and update the screen.
The ensuing table for
Protected Ports Status
settings are informational only: Protected Ports and Unprotected Ports.
4.7.4
DoS Prevention
The DoS Prevention page allows you to setup (enabled or disabled) the denial of service.
4.7.4.1
DoS Global Settings
The DoS Global Settings page allows you to configure (enabled or disabled) the setting for each function.
74 EKI-7710 Series User Manual
To access this page, click
Security
>
DoS Prevention
>
DoS Global Settings
.
Figure 4.59 Security > DoS Prevention > DoS Global Settings
The following table describes the items in the previous figure.
Item
DMAC = SMAC
LAND
UDP Blat
TCP Blat
POD
Description
Click
Enabled
or
Disabled
to define DMAC-SMAC for the DoS Global settings.
Click
Enabled
or
Disabled
to define LAND for the DoS Global settings.
Click
Enabled
or
Disabled
to define UDP Blat for the DoS Global settings.
Click
Enabled
or
Disabled
to define TCP Blat for the DoS Global settings.
Click
Enabled
or
Disabled
to define POD for the DoS Global settings.
EKI-7710 Series User Manual 75
Item Description
IPv6 Min Fragment Click
Enabled
or
Disabled
to define minimum fragment size for the
IPv6 protocol.
Enter the variable in bytes (0 to 65535) to set the minimum fragment size when the function is enabled.
ICMP Fragments Click
Enabled
or
Disabled
to define the ICMP Fragments function.
IPv4 Ping Max Size Click
Enabled
or
Disabled
to set the maximum ping size for the IPv4 protocol.
IPv6 Ping Max Size Click
Enabled
or
Disabled
to set a maximum ping size for the IPv6 protocol.
Ping Max Size Setting
Enter the variable in bytes (0 to 65535) to set the maximum ping size.
Smurf Attack
TCP Min Hdr Size
Click
Enabled
or
Disabled
to set the Smurf Attack function.
Click
Enabled
or
Disabled
to set the minimum header size.
Enter the variable in bytes (0 to 31) to set the minimum header size.
TCP-SYN (SPORT <
1024)
Null Scan Attack
Click
Enabled
or
Disabled
to set the TCP synchronization function
(sport < 1021).
Click
Enabled
or
Disabled
to set the Null Scan Attack function.
X-Mas Scan Attack Click
Enabled
or
Disabled
to set the X-Mas Scan function.
TCP SYN-FIN Attack Click
Enabled
or
Disabled
to set the TCP synchronization termination attack function.
TCP SYN-RST
Attack
TCP Fragment (Offset = 1)
Apply
Click
Enabled
or
Disabled
to set the TCP synchronization reset attack function.
Click
Enabled
or
Disabled
to set the TCP fragment function (offset
=1).
Click
Apply
to save the values and update the screen.
The ensuing table for
DoS Global Information
settings are informational only:
DMAC = SMAC, Land Attack, UDP Blat, TCP Blat, POD (Ping of Death), IPv6 Min
Fragment Size, ICMP Fragment Packets, IPv4 Ping Max Packet Size, IPv6 Ping Max
Packet Size, Smurf Attack, TCP Min Header Length, TCP Syn (SPORT < 1024), Null
Scan Attack, X-Mas Scan Attack, TCP SYN-FIN Attack, TCP SYN-RST Attack and
TCP Fragment (Offset = 1).
4.7.4.2
DoS Port Settings
The DoS Port Settings page allow you to configure DoS security (enabled or disabled) for the selected port.
To access this page, click
Security
>
DoS Prevention
>
DoS Port Settings
.
Figure 4.60 Security > DoS Prevention > DoS Port Settings
The following table describes the items in the previous figure.
Item
Port
Description
Select the port to configure for the DoS prevention function.
76 EKI-7710 Series User Manual
advertisement
Related manuals
advertisement
Table of contents
- 15 Supported Models
- 15 Specifications
- 17 Hardware Views
- 17 1.3.1 Front View
- 21 1.3.2 Rear View
- 22 1.3.3 Top View
- 24 Installation Guidelines
- 24 2.1.1 Connecting Hardware
- 24 Verifying Switch Operation
- 25 Installing the Switch
- 25 2.3.1 DIN Rail Mounting
- 26 2.3.2 Wall-Mounting
- 29 Installing and Removing SFP Modules
- 29 2.4.1 Installing SFP Modules
- 31 2.4.2 Removing SFP Modules
- 32 Connecting the Switch to Ethernet Ports
- 32 2.5.1 RJ45 Ethernet Cable Wiring
- 33 Connecting the Switch to Console Port
- 34 Power Supply Installation
- 34 2.7.1 Overview
- 34 2.7.2 Considerations
- 35 2.7.3 Grounding the Device
- 36 2.7.4 Wiring a Relay Contact
- 37 2.7.5 Wiring the Power Inputs
- 39 Reset Button
- 41 First Time Setup
- 41 3.1.1 Overview
- 41 3.1.2 Introduction
- 41 3.1.3 Administrative Interface Access
- 42 3.1.4 Using the Graphical (Web) Interface
- 42 3.1.5 Configuring the Switch for Network Access
- 43 3.1.6 Configuring the Ethernet Ports
- 43 Command Line Interface Configuration
- 43 3.2.1 Introduction to Command-Line Interface (CLI)
- 44 3.2.2 Accessing the CLI
- 44 Web Browser Configuration
- 44 3.3.1 Preparing for Web Configuration
- 44 3.3.2 System Login
- 47 Log In
- 47 Recommended Practices
- 47 4.2.1 Changing Default Password
- 48 Monitoring
- 48 4.3.1 Device Information
- 49 4.3.2 Logging Message
- 50 4.3.3 Port Monitoring
- 51 4.3.4 Link Aggregation
- 51 4.3.5 LLDP Statistics
- 52 4.3.6 IGMP Statistics
- 53 System
- 53 4.4.1 IP Settings
- 54 4.4.2 DHCP Client Option
- 55 4.4.3 DHCP Auto Provision
- 55 4.4.4 IPv6 Settings
- 56 4.4.5 Management VLAN
- 57 4.4.6 System Time
- 58 L2 Switching
- 58 4.5.1 Port Configuration
- 59 4.5.2 Port Mirror
- 59 4.5.3 Link Aggregation
- 62 4.5.4 802.1Q VLAN
- 66 4.5.5 Q-in-Q
- 67 4.5.6 GARP
- 68 4.5.7 802.3az EEE
- 69 4.5.8 Multicast
- 74 4.5.9 Jumbo Frame
- 74 4.5.10 Spanning Tree
- 79 4.5.11 X-Ring Elite
- 80 4.5.12 X-Ring Pro
- 81 4.5.13 Loopback Detection
- 82 MAC Address Table
- 82 4.6.1 Static MAC
- 83 4.6.2 MAC Aging Time
- 84 4.6.3 Dynamic Forwarding Table
- 84 Security
- 84 4.7.1 Storm Control
- 86 4.7.2 Port Security
- 87 4.7.3 Protected Ports
- 87 4.7.4 DoS Prevention
- 90 4.7.5 Applications
- 92 4.7.6 802.1x
- 93 4.7.7 IP Security
- 94 4.8.1 General
- 99 4.8.2 QoS Basic Mode
- 100 4.8.3 Rate Limit
- 102 Management
- 102 4.9.1 LLDP
- 106 4.9.2 SNMP
- 109 4.9.3 Power Over Ethernet
- 110 4.9.4 TCP Modbus
- 111 4.9.5 DHCP Server
- 115 4.9.6 SMTP Client
- 117 4.9.7 RMON
- 120 Diagnostics
- 120 4.10.1 Cable Diagnostics
- 121 4.10.2 Ping Test
- 122 4.10.3 IPv6 Ping Test
- 123 4.10.4 System Log
- 125 4.10.5 DDM
- 126 Tools
- 126 4.11.1 IXM
- 127 4.11.2 Backup Manager
- 128 4.11.3 Upgrade Manager
- 128 4.11.4 Dual Image
- 129 4.11.5 Save Configuration
- 129 4.11.6 User Account
- 130 4.11.7 Reset System
- 130 4.11.8 Reboot Device
- 130 Modbus/TCP Mapping
- 130 4.12.1 Modbus/TCP Mapping Table
- 155 Troubleshooting