ICMP Flood Protection functions similar to UDP Flood Protection, except it monitors for ICMPv4/ICMPv6 Flood Attacks. The only difference is that DNS queries are not allowed to bypass ICMP Flood Protection.
To configure ICMP Flood Protection
Do one of the following:
Add a new DoS Action Profile.
Edit an existing DoS Action Profile.
Hover over an existing DoS Action Profile and click the Edit icon.
Click Flood Protection > ICMP Flood Protection option.
Make the necessary changes to the default values.
ICMP Flood Attack Threshold |
The maximum number of ICMP packets allowed per second to be sent to a host, range, or subnet. The minimum number is 10, the maximum number is 100000, and the default number is |
ICMP Flood Attack Blocking Time |
After the appliance detects the rate of ICMP packets exceeding the attack threshold for this duration of time, ICMP Flood Protection is activated, and the appliance begins dropping subsequent ICMP packets. The minimum time is 1 second, the maximum time is 120 seconds, and the default time is 2 seconds. |