Brute-force attack protection rules
Brute-force attack protection rules to create, edit and view rules for incoming and outgoing network connections. The pre-defined rules cannot be edited or deleted.
Create a new rule, click Add new Brute-force attack protection rule, or Edit selected entries.
This window gives you an overview of existing Brute-force attack protection rules.
Name |
User-defined or automatically chosen rule name. |
---|---|
Enabled |
Deactivate this switch if you want to keep the rule in the list but do not want to use it. |
Action |
The rule specifies an action – Allow or Deny – that should be performed if the conditions are right. |
Protocol |
The communication protocol this rule will inspect. |
Profile |
Custom rules can be set and applied for specific profiles. |
Max attempts |
The maximum number of allowed attempts of attack repetition until the IP address is blocked and added to the blacklist. |
Blacklist retention period (min) |
Sets the time for the address expiration from the blacklist. The default time period for counting the number of attempts is 30 minutes. |
Source IP |
A list of IP addresses/ranges/subnets. Multiple addresses must be separated by a comma. |
Source zones |
Enables you to add a pre-defined or created zone with a range of IP addresses here by clicking Add. |