- Protect services from TCP SYN flood attacks
- Protect services from UDP flood attacks with UDP rate limits
Denial-of-Service Protection
StoneGate IPS provides protection against Denial-of-Service (DoS) attacks without disturbing legitimate network traffic.
StoneGate IPS protects against both illegal input and network traffic flood DoS attacks.
Network traffic flood attacks, such as TCP Syn-flood, are stopped by limiting (mitigating) the incoming connection attempts from spoofed address sources under Denial-of-Service attack, preventing them from reaching the target system.
IPS quickly identifies the spoofed connection sources and blocks them, while allowing valid connections to pass through.
UDP flood DoS attacks can be controlled by rate-limiting the incoming UDP datagrams for the Web service.
Illegal input DoS attacks are detected with fingerprints and are prevented by default in the IPS system policy.