6.5.7. Procedure – Connection rate limiting

Purpose: 

To limit the maximum rate of new connections in order to prevent from Denial of Service (DoS) attacks, configure the connection rate limiting options on the Limits tab of the firewall rule. You can specify the number of connections that Zorp accepts within a given time period. Connection requests above this maximum rate are denied.

Steps: 

1. Navigate to <Host> > Zorp > Firewall Rules.

2. Select the rule to edit, then click Edit > Limits.

3. Click Enable rate limiting, then set the maximum number of permitted connection requests (per second) in the Maximum average match rate field.

   

   Figure 6.49. Connection rate limiting

4. • To limit the rate of connections based on the destination in the connection requests, select Match packet destination IP address.

   • To limit the rate of connections based on the source of the connection requests, select Match packet source IP address.

5. Set other parameters as needed for your environment.