12.10.12. Configuring DoS profiles

You configure DoS profiles at the security-policy dos-profile level.

To create a DoS profile, use the following command:

Admin@UGOS# create security-policy dos-profile

Available parameters:

Parameter	Description
name	Set profile name.
description	Set profile description.
aggregate	Aggregate the number of packets transmitted per second for all IP addresses or count them individually for each IP address.
dos-protection-syn	Protect against network flooding for TCP protocol. enabled: set the network flooding configuration for the selected protocol. alert-threshold: set alert threshold. drop-threshold: set packet drop threshold.
dos-protection-udp	Protect against network flooding for UDP protocol. enabled: set the network flooding configuration for the selected protocol. alert-threshold: set alert threshold. drop-threshold: set packet drop threshold.
dos-protection-icmp	Protect against network flooding for ICMP protocol. enabled: set the network flooding configuration for the selected protocol. alert-threshold: set alert threshold. drop-threshold: set packet drop threshold.
max-sessions	Set a limit for the number of sessions: <num>: specify the number of sessions. off: do not limit the number of sessions.

To update an existing DoS profile, use the following command:

Admin@UGOS# set security-policy dos-profile <profile-name>

The parameters available to update are the same as those used to create a new DoS profile.

To delete a profile, use the following command:

Admin@UGOS# delete security-policy dos-profile <profile-name>

To display information about a DoS profile, use the following command:

Admin@UGOS# show security-policy dos-profile <profile-name>

You are here