Intrusion Detection

When the SPI (Stateful Packet Inspection) firewall feature is enabled, all packets can be blocked.  Stateful Packet Inspection (SPI) allows full support of different application types that are using dynamic port numbers.  For the applications checked in the list below, the Device will support full operation as initiated from the local LAN.

The Device firewall can block common hacker attacks, including IP Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan, and TCP SYN flooding.

  • Intrusion Detection Feature
    SPI firewall protection
    Anti-DoS firewall protection
    RIP defect
    Discard Ping To WAN Interface
  • Stateful Packet Inspection
    Packet Fragmentation
    TCP Connection
    UDP Session
    FTP Service
    H.323 Service
    TFTP  Service
  • When hackers attempt to enter your network, we can alert you by Email

    Your Email Address :

    SMTP Server Address :

    SMTP Authentication

  • Connection Policy

    Fragmentation half-open wait: secs

    TCP SYN wait: sec.

    TCP FIN wait: sec.

    TCP connection idle timeout: sec.

    UDP session idle timeout: sec.

    H.323 data channel idle timeout: sec.

  • DoS Detect Criteria:

    Total incomplete TCP/UDP sessions HIGH: session

    Total incomplete TCP/UDP sessions LOW: session

    Incomplete TCP/UDP sessions (per min) HIGH: session

    Incomplete TCP/UDP sessions (per min) LOW: session

    Maximum incomplete TCP/UDP sessions number from same host:

    Incomplete TCP/UDP sessions detect sensitive time period: msec.

    Maximum half-open fragmentation packet number from same host:

    Half-open fragmentation detect sensitive time period: msec.

    Flooding cracker block time: sec.