Denial of Service Security Suite Settings
NOTE Before activating DoS Prevention, you must unbind all Access Control Lists (ACLs) or advanced QoS policies that are bound to a port. ACL and advanced QoS policies are not active when a port has DoS Protection enabled on it.
To configure DoS Prevention global settings and monitor SCT:
- Click Security > Denial of Service Prevention > Security Suite Settings. The Security Suite Settings displays.
- CPU Protection Mechanism: Enabled indicates that SCT is enabled. Click Details beside CPU Utilization to enable viewing CPU resource utilization information.
- Select DoS Prevention to enable the feature.
- If System-Level Prevention or System-Level and Interface-Level Prevention is selected, enable one or more of the following DoS Prevention options:
- Stacheldraht Distribution--Discards TCP packets with source TCP port equal to 16660.
- Invasor Trojan--Discards TCP packets with destination TCP port equal to 2140 and source TCP port equal to 1024.
- Back Orifice Trojan--Discards UDP packets with destination UDP port equal to 31337 and source UDP port equal to 1024.
- Click Apply. The Denial of Service prevention Security Suite settings are defined, and the Running Configuration file is updated.