Configuration of SIP flood attack defense for the USG6000 series on the web UI

1

You can configure SIP flood attack defense for the USG6000 series on the web UI.
1. Choose Policy > Security Protection > Attack Defense > Anti-DDoS.
2. On the DDoS page, select Enable corresponding to SIP Flood.

Other related questions:
Configuration of SIP flood attack defense for the USG2000&5000 series on the web UI
You can configure SIP flood attack defense for the USG2000&5000 series on the web UI. Configure SIP flood attack defense based on IP addresses. 1. Choose Firewall > Security Protection > Attack Defense. 2. In the attack defense configuration list, choose Attack Defense Type > Application Layer > SIP Flood. 3. On the Configure SIP Flood Attack Defense page, select Enable corresponding to Defense. 4. Set a port range. 5. Click Add. Enter an IP address in the IP Address text box. 6. Click Apply. Configure SIP flood attack defense based on security zones. 1. Choose Firewall > Security Protection > Attack Defense. 2. In the attack defense configuration list, choose Attack Defense Type > Application Layer > SIP Flood. 3. On the Configure SIP Flood Attack Defense page, select Enable corresponding to Defense. 4. Set a port range. 5. Click the (Optional) Based on Security Zones tab. 6. Click Add. Select a security zone from the Security Zone drop-down list. 7. Click Apply.

Configuration of SIP flood attack defense for the USG6000 series on the CLI
You can configure SIP flood attack defense for the USG6000 series on the CLI. Run the anti-ddos sip-flood source-detect [ alert-rate alert-rate ] command to enable SIP flood attack defense.

Whether the USG6000 series supports SIP flood attack defense
Yes.

Configuration of port scan attack defense for the USG6000 series on the web UI
You can configure port scan attack defense for the USG6000 series on the web UI. 1. Choose Policy > Security Protection > Attack Defense. 2. Click the Single-Packet Attack tab. 3. Select the Port Scan check box to enable the attack defense function. 4. Set the maximum scanning rate and blacklist aging time. If you enable port scan attack defense, enable the blacklist function as well to ensure that the device discards blacklisted packets.

Configuration of SIP flood attack defense for the USG2000&5000 series on the CLI
You can configure SIP flood attack defense for the USG2000&5000 series on the CLI. 1. In the user view, run the system-view command to access the system view. 2. Run the firewall defend sip-flood enable command to enable the SIP flood attack defense function. 3. According to the attack defense scope, run either of the following commands to set SIP flood attack parameters: (a) Run the firewall defend sip-flood ip ip-address [ vpn-instance vpn-instance-name ] [ alert-rate alert-rate ] [ max-rate rate-number ] [ source-detect [ on | off ] ] command to set SIP flood attack defense parameters based on IP addresses. The source detection function is enabled by default. (b) Run the firewall defend sip-flood zone [ vpn-instance vpn-instance-name ] zone-name [ alert-rate alert-rate ] [ max-rate rate-number ] [ source-detect [ on | off ] ] command to set SIP flood attack defense parameters based on security zones. The source detection function is enabled by default. 4. Run the firewall defend sip-flood port range [start-port end-port ] command to set a port range for SIP flood attack defense.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top