Prevent and detect invalid IP, ICMP, TCP, and UDP checksums using IPS Network Services

Description

Prevent and detect invalid IP, ICMP, TCP, and UDP checksums using IPS Network Services

Resolution

The IPS Network Services section allows you to configure SonicWall IPS to prevent (Prevent Invalid Checksum) and detect (Detect Invalid Checksum) invalid IP, ICMP, TCP, and UDP checksums.

  • If Prevent Invalid Checksum is enabled, the SonicWall security appliance automatically drops and resets the connection, to prevent the traffic from reaching its destination.
  • If Detect Invalid Checksum is enabled, the SonicWall security appliance logs and alerts any traffic, but does not take any action against the traffic. The connection proceeds to its intended destination. You view the SonicWall log on the Log > View page as well as configure how alerts are handled by the SonicWall security appliance in the Log > Automation page.
  • If Detect Invalid Checksum and Prevent Invalid Checksum are both enabled, the SonicWall logs and alerts any traffic, as well as automatically drop and reset the connection, to prevent the traffic from reaching its destination.
  • Check Enable IP Reassembly to reassemble fragments for full application layer inspection.

When you select Detect Invalid Checksum, the Low Priority Attack Log Redundancy setting is used for logging.

 

 

 

Source: SonicWall Intrusion Prevention Service 2.0 Administrator’s Guide

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community