Symantec 360R Administration Guide - Page 118
TCP flag validation, IDS/IPS, WLAN/LAN, Enable
UPC - 037648240185
View all Symantec 360R manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 118 highlights
118 Preventing attacks Enabling advanced protection settings 1 In the SGMI, in the left pane, click IDS/IPS. 2 In the right pane, on the Advanced tab, under IP Spoof Protection, check WAN or WLAN/LAN. 3 Click Save. TCP flag validation Certain port mapping tools, such as NMAP, use invalid TCP flag combinations to detect a firewall on a network or map the security policy implemented on the firewall. Symantec Gateway Security 300 Series blocks and logs any traffic with illegal flag combinations for traffic that is not being denied by the security policy. Any traffic denied by the security policy that has one or more bad TCP flag combinations is classified as one of several NMAP port scanning techniques (NMAP Null Scan, NMAP Christmas Scan, and so on). To enable TCP flag validation See "IDS Protection tab field descriptions" on page 205. 1 In the SGMI, in the left pane, click IDS/IPS. 2 In the right pane, on the Advanced tab, under TCP Flag Validation, check Enable.