top of page
Writer's pictureMukesh Chanderia

PA ZONE PROTECTION PROFILE & Sub Interface

Network > Network Profiles > Zone Protection




Tcp SYN Cookies : It is a technique used to resist SYN flood attacks.


An SYN flood attack is a type of denial-of-service attack during which an attacker initiates a TCP connection with an SYN request to a server from lots of different ips and does not respond to SYN+ACK from the server.


As there is a limit on the number of ‘half-open’ TCP connections. The server won't accept any new connections. This will make system unresponsive to legitimate traffic.


In Reconnaissance is used by attacker to gather all possible information about the target before launching an actual attack.












Now Go To Zone Where you would like to apply this profile.




Sub-Interfaces


Let's make interface eth1/4 as subinterface for vlan 3 , vlan 6 and vlan 9


Step 1 : Change interface type of ethernet1/4 as "Layer3".

Here on Parent interface no need to assign virtual router / Zone / ip address






Step 2 : Select ethernet1/4 and click add subinterface from bottom left.


Tag = vlan number



Assign ip address , virtual router and zone




Similarly







34 views0 comments

Recent Posts

See All

PANORAMA

Hook Firewall & Panorama Step 1: Go to Firewall and add the IP address of Primary and secondary Panorama. Step 2: Go to Panorama and in...

Comments


bottom of page