How to configure ADP block IP time period?

Zyxel_Jeff
Zyxel_Jeff Posts: 1,284  Zyxel Employee
100 Answers 500 Comments Friend Collector Fourth Anniversary
edited July 2023 in Security Service

Background and Scenario:

Could it be possible to limit the tries from a certain IP to a port forward on the USG FLEX series? For example, someone that sends a DOS to an opened port, if he tries 5 times in a short amount of time, that is blocked for 1 hour.

Answer:

You could configure the block period to 3600 seconds on the ADP profile, as below:

Therefore, if the firewall detects there are ADP events, and will block the suspicious source IP.

Please refer to the below description of Block Period: "Specify for how many seconds the Zyxel Device blocks all packets from being sent to the victim (destination) of a detected anomaly attack. Flood Detection applies blocking to the destination IP address and Scan Detection applies blocking to the source IP address."


See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community