Brute-force attack protection rules
Brute-force attack protection rules to create, edit and view rules for incoming and outgoing network connections. The pre-defined rules cannot be edited or deleted. Create a new rule, click Add new Brute-force attack protection rule, or Edit selected entries.
|
To ensure the highest possible protection, the blocking rule with the lowest Max attempts value is applied even if the rule is positioned lower in the Rules list when multiple blocking rules match the detection conditions. |
This window gives you an overview of existing Brute-force attack protection rules.
Name |
User-defined or automatically chosen rule name. |
|---|---|
Enabled |
Deactivate this switch if you want to keep the rule in the list but do not want to use it. |
Action |
The rule specifies an action – Allow or Deny – that should be performed if the conditions are right. |
Protocol |
The communication protocol this rule will inspect. |
Profile |
Custom rules can be set and applied for specific Network connection profile. |
Max attempts |
The maximum number of allowed attempts of attack repetition until the IP address is blocked and added to the blacklist. |
Blacklist retention period (min) |
Sets the time for the address expiration from the blacklist. The default time period for counting the number of attempts is 30 minutes. |
Source IP |
A list of IP addresses/ranges/subnets. Multiple addresses must be separated by a comma. |
Source IP sets |
Set of IP addresses you have already defined in IP sets. |