6 Security functions
SINAUT MD741-1
C79000-G8976-C236-05
77
6.3
Advanced security functions
The advanced security functions serve to protect the SINAUT MD741-1 and the
local applications against attacks. For protective purposes it is assumed that only a
certain number of connections or received PING packets are permissible and
desirable in normal operation, and that a sudden burst represents an attack.
Figure 6-3
Security > Advanced Settings
Maximum number …
The entries
●
Maximum number of new incoming TCP connections per second
●
Maximum number of new outgoing TCP connections per second
●
Maximum number of new incoming ping packets per second
●
Maximum number of new outgoing ping packets per second
set the upper limits. The settings (see illustration) have been selected so that they
will in practice never be reached in normal use. In the event of an attack, however,
they can be reached very easily, which means that the limitations constitute
additional protection. If your operating environment contains special requirements,
then you can change the values accordingly.
External ICMP to the SINAUT MD741-1
You can use this option to affect the response when ICMP packets are received
that are sent from the external network in the direction of the SINAUT MD741-1.
You have the following options:
●
Drop
: All ICMP packets to the SINAUT MD741-1 are discarded.
●
Allow Ping:
Only ping packets (ICMP type 8) to the SINAUT MD741-1 are
accepted.
●
Accept
: All types of ICMP packets to the SINAUT MD741-1 are accepted.