1.1.3. DoS and Network Flood Protection

In UserGate, you can configure network flood protection parameters per network zone for TCP (SYN-flood), UDP, and ICMP protocols by setting an alert threshold (the number of requests from a single IP address that triggers logging) and a packet drop threshold (the number of requests after which the packets are dropped with a corresponding log entry).

It is possible to configure exceptions - e.g., for zones that send a large number of UDP packets due to VoIP use.