TCP Shield
TCP shield is defending mechanism protecting against TCP Flood attacks such as TCP Authenticatiion, TCP SYN Flood etc while allowing genuine traffic. This mitigation allows our DDoS solution to verify the legitimacy of connection requests before establishing a session, preventing spoofed or malicious handshakes.
How to Use:
-
Stack > Resource > DDoS > Profile > Connection > TCP Shield
-
Configure the settings
-
Click on Save Changes
Description:
ENABLE CONNECTION SHIELD
Enable TCP connection proxy for protecting against TCP Flood attacks such as TCP SYN Flood, etc.
Accepted values: Enable / Disable
Default: 1000
CONNECTION SHIELD TRIGGER THRESHOLD
If TCP connection proxy is enabled, specify the number of active connections after which the proxy will be enabled for all subsequent connection requests. Set 0 for enabling proxy for all connections.
Accepted values: Integer
Default: 1000
CONNECTION SHIELD ADVERTISED MSS
TCP MSS field specified the largest segment size allowed in the connection. This configuration allows users to choose appropriate MSS values for their network.
Accepted values: Integer
Default: 1460