Purpose: Configure Intranet Security settings on the switch interface (sw0) for Cloud Edge gateways with hardware switch chipset.
Location: Gateways > (Selected Gateway) > NETWORK > Interfaces > sw0

Procedure

  1. Review the list of switch interface (sw0) settings.
  2. Select the Intranet Security mode.
    High Security
      Characteristics include the following:
      • Internet: All security scanning (policy rules, profiles, flooding and port scan, etc.)
      • Intranet: All security scanning (as above), excluding mail scanning
      • Security protection: Offers the highest security protection for intranet traffic, but provides the slowest performance
    Balanced
      Characteristics include the following:
      • Internet: All security scanning (policy rules, profiles, flooding and port scan, etc.)
      • Intranet: Part of security scanning (policy rules, flooding and port scan)
      • Security protection: Provides medium-level security protection with medium-level performance for intranet traffic
    High Speed
      Characteristics include the following:
      • Internet: All security scanning (policy rules, profiles, flooding and port scan, etc.)
      • Intranet: No security scanning
      • Security protection: Provides the highest performance without any security protection for intranet traffic
  3. (High Security and Balanced mode only) Ensure that Anomaly detection is set to the desired setting.
    Important
    This is a read-only field that provides information about whether IPS protection is enabled. Anomaly detection is a feature of IPS. To use anomaly detection, you must enable IPS on the IPS page of the gateway profile that is applied to this gateway. Anomaly detection must be enabled before Cloud Edge can provide flood and port scan protection.
  4. (High Security and Balanced mode only) Select the Flood rules that you want enabled, then modify the threshold value for each flood rule if you do not want to keep the default threshold.
    All flood rules are enabled by default to protect against flood attacks.
    Option           Default threshold
    TCP SYN Flood    8000
    ICMP Flood       8000
    UDP Flood        8000
    IGMP Flood       8000
  5. (High Security and Balanced mode only) Select the Port scan rules that you want enabled, then modify the threshold value for each rule if you do not want to keep the default threshold.
    All port scan rules are enabled by default to protect against port scan attacks.
    Option                Default threshold
    UDP Port Scan         1000
    TCP Port SYN Scan     1000
    TCP Port FIN Scan     1000
    TCP Port NULL Scan    1000
    TCP Port Xmas Scan    1000
  6. Click Save.