Configuring DoS Profiles

You configure DoS profiles at the security-policy dos-profile level.

To create a DoS profile, use the following command:

Admin@nodename# create security-policy dos-profile <parameter>

Available parameters:

Parameter	Description
name	Set profile name.
description	Set profile description.
aggregate	Aggregate the number of packets transmitted per second for all IP addresses or count them individually for each IP address.
syn	Protect against network flooding for TCP protocol. enabled: set network flooding protection for selected protocol alert-threshold: set alert threshold drop-threshold: set drop threshold.
udp	Protect against network flooding for UDP protocol. enabled: set network flooding protection for selected protocol alert-threshold: set alert threshold drop-threshold: set drop threshold.
icmp	Protect against network flooding for ICMP protocol. enabled: set network flooding protection for selected protocol alert-threshold: set alert threshold drop-threshold: set drop threshold.
max-sessions	Set a limit for the number of sessions: <num> --- specify the number of sessions off: do not limit the number of sessions.

To edit an existing DoS profile, use the following command:

Admin@nodename# set security-policy dos-profile <profile-name> <parameter>

The parameters available to update are the same as those used to create a new DoS profile.

To delete a profile, use the following command:

Admin@nodename# delete security-policy dos-profile <profile-name>

To display information about a DoS profile, use the following command:

Admin@nodename# show security-policy dos-profile <profile-name>

You are here