IAD SERIES USERS MANUAL
67
Enable "disable clients that do not comply with IP/MAC binding rules from accessing the external network",please
confirm that the IP/MAC binding table has been bound with the necessary IP/MAC information. Without any
binding information, the device cannot be logged in from the WAN/LAN port.
6.4 DDOS defense
Intrusion protection provides protection against DDOS attacks, can achieve the dynamic filtering of malicious
traffic, prevent large traffic based on a variety of protocol DDOS attacks, effectively ensure the stable operation of
the network. Select "network security >DDOS" and enter the page of "DDOS protection" as shown in figure 6-6.
Figure 6-6 DDos defense
WAN setting page is used to protect external network users from DDoS attacks on devices; The LAN setup page is
used to protect the device from DDoS attacks by Intranet users. Select "enable DDoS protection function" to
Clients who do not match IP/MAC binding
rule cannot access Internet (when the
IP/MAC binding table is empty, all clients
are not allowed to access Internet)
Set whether users in the IP/MAC list have access to
external networks. Check that only addresses enabled in
the IP/MAC list can access the external network.
Enable ARP Attack Defense
Select Clients who do not match IP/MAC binding
rule cannot access Internet can enable ARP attack
defense.
When enabled, ARP packets that do not match the
IP/MAC list are discarded.
auto_ipmacbound
Select the radio box to enable automatic binding.
Enable broadcast storm suppression in
intranet
After selecting the radio box and enabling the broadcast
storm suppression function, the suppression threshold
can be set. When the broadcast traffic exceeds the
threshold, the system will discard the broadcast
message.
Anti-ARP-Spoofing
Select the radio box and enable the ARP anti-spoofing
function. By sending free ARP regularly
Message to update all users' ARP tables to prevent ARP
spoofing. Send free ARP message interval: default is 10
seconds.