Firewall Protection
157
ProSecure Unified Threat Management (UTM) Appliance
Attack Checks, VPN Pass-through, and Multicast Pass-through
The Attack Checks screen allows you to specify whether the UTM should be protected
against common attacks in the DMZ, LAN, and WAN networks, and lets you configure VPN
pass-through and multicast pass-through. The various types of attack checks are listed on
the Attack Checks screen and defined in Table 30 on page 157.
To enable the appropriate attack checks for your network environment:
1. Select Network Security > Firewall > Attack Checks. The Attack Checks screen
displays:
Figure 83.
2. Enter the settings as explained in the following table:
Table 30. Attack Checks screen settings
Setting Description
WAN Security Checks
Respond to Ping on
Internet Ports
Select the Respond to Ping on Internet Ports check box to enable the UTM to
respond to a ping from the Internet. A ping can be used as a diagnostic tool. Keep
this check box cleared unless you have a specific reason to enable the UTM to
respond to a ping from the Internet.
Enable Stealth Mode Select the Enable Stealth Mode check box (which is the default setting) to prevent
the UTM from responding to port scans from the WAN, thus making it less
susceptible to discovery and attacks.
Block TCP flood Select the Block TCP flood check box to enable the UTM to drop all invalid TCP
packets and to protect the UTM from a SYN flood attack.
A SYN flood is a form of denial of service attack in which an attacker sends a
succession of SYN (synchronize) requests to a target system. When the system
responds, the attacker does not complete the connections, thus leaving the
connection half open and flooding the server with SYN messages. No legitimate
connections can then be made. By default, the Block TCP flood check box is
cleared.