Configure Firewall Denial of Service (DoS) Policy

A Denial of Service (DoS) attack is an attempt to make a computer or network resource unavailable to its intended users. Although the means to carry out a DoS attack will vary, it generally consists of a concerted effort of one or more persons attempting to prevent a device, site or service from functioning temporarily or indefinitely.

Most DoS attacks involve saturating the target device with external communications requests so it cannot respond to legitimate traffic or respond so slowly the device becomes unavailable in respect to its defined data rate. DoS attacks are implemented by either forcing targeted devices to reset or consuming the device‘s resources so it can no longer provide service.

To configure or modify a Firewall DoS policy:

  1. Choose from the following actions:
    • If you are in the process of configuring a new Firewall policy, proceed to the next step.

    • If you want to modify DoS settings, go to Policy > Wireless Firewall > Firewall Policy, then select adjacent to the policy you want to modify. Proceed to the next step, and modify the DoS settings in accordance with the steps in this procedure.

  2. Select the DoS tab.
  3. Under the Settings pane, configure the DoS event parameters for the wireless controller's firewall, as described in Firewall DoS Event Policy Parameters.
    Table 1. Firewall DoS Event Policy Parameters
    Parameter Description
    Event Lists the name of each DoS attack type. See Firewall DoS Event Descriptions for a detailed description of each attack type.
    Enable Select Enable to set the firewall policy to filter the associated DoS attack based on the selection in the Action column
    Action If a DoS filter is selected, chose an action from the drop-down list box to determine how the firewall policy treats the associated DoS attack
    • Log and Drop - An entry for the associated DoS attack is added to the log and then the packets are dropped
    • Log Only - An entry for the associated DoS attack is added to the log. No further action is taken
    • Drop Only - The DoS packets are dropped. No further action is taken
    Log Level Select to enable logging to the system log. Then select a standard Syslog level from the Log Level drop-down list box
    Info Additional information about the DoS firewall setting
  4. Choose from the following actions:
    1. Select Apply to commit the configured settings.
      Note

      Note

      This does not save the settings you configured; it provides a preview of your applied settings. To undo the settings you applied, select Revert.
    2. Select Save to commit and save the configured settings.
      Note

      Note

      If you do not select Save, the settings that you configured are not saved when you move away from the configuration window.

9037761-04 Rev AA