SonicOS 7.0 Objects
- SonicOS 7.0
- Match Objects
- Zones
- How Zones Work
- Default Zones
- Security Types
- Allow Interface Trust
- Effect of Wireless Controller Modes
- Zones Overview
- The Zones Page
- Adding a New Zone
- Adding a New Zone in Policy Mode
- Adding a New Zone in Classic Mode
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Cloning a Zone
- Editing a Zone
- Deleting Custom Zones
- Addresses
- Addresses Page
- About UUIDs for Address Objects and Groups
- Working with Dynamic Address Objects
- Services
- URI Lists
- Schedules
- Dynamic Group
- Email Addresses
- Match Objects
- Countries
- Applications
- Web Categories
- Websites
- Match Patterns
- Custom Match
- Profile Objects
- Endpoint Security
- Bandwidth
- QoS Marking
- Content Filter
- DHCP Option
- Block Page
- Anti-Spyware
- Gateway Anti-Virus
- Log and Alerts
- Intrusion Prevention
- AWS
- Action Profiles
- Security Action Profile
- DoS Action Profile
- Action Objects
- App Rule Actions
- Content Filter Actions
- Object Viewer
- SonicWall Support
ICMP Flood Protection
ICMP Flood Protection functions similar to UDP Flood Protection, except it monitors for ICMPv4/ICMPv6 Flood Attacks. The only difference is that DNS queries are not allowed to bypass ICMP Flood Protection.
To configure ICMP Flood Protection
- Navigate to OBJECT | Action Profiles > DoS Action Profile.
-
Do one of the following:
-
Add a new DoS Action Profile.
- Click the Add icon.
- Enter a friendly DoS Rule Action Name.
-
Edit an existing DoS Action Profile.
Hover over an existing DoS Action Profile and click the Edit icon.
-
-
Click Flood Protection > ICMP Flood Protection option.
- Enable ICMP Flood Protection to enable ICMP flood protection and enable the other ICMP Flood Protection options.
-
Make the necessary changes to the default values.
ICMP Flood Attack Threshold The maximum number of ICMP packets allowed per second to be sent to a host, range, or subnet.
The minimum number is 10, the maximum number is 100000, and the default number is
1000 .ICMP Flood Attack Blocking Time After the appliance detects the rate of ICMP packets exceeding the attack threshold for this duration of time, ICMP Flood Protection is activated, and the appliance begins dropping subsequent ICMP packets.
The minimum time is 1 second, the maximum time is 120 seconds, and the default time is 2 seconds.
- Click Save.
- Click Cancel to go back to the DoS Action Profile page or proceed with other configurations.
Was This Article Helpful?
Help us to improve our support portal