+ All Categories
Home > Documents > ZoneDefence v2 0 - files.dlink.com.au

ZoneDefence v2 0 - files.dlink.com.au

Date post: 03-Feb-2022
Category:
Upload: others
View: 3 times
Download: 0 times
Share this document with a friend
12
D-Link Security 1 ZoneDefense
Transcript
Page 1: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

1

ZoneDefense

Page 2: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

2

DMZ

Subnet A

WAN

Subnet B

Subnet C

Firewall

Infected Host

� If there’s an infected host spreading worm into the network.

� Firewall can stop the malicious traffic flooding to other subnets but have no way to stop it infecting its network [Subnet A].

� The most effective solution will be: Firewall triggers the ACL in LAN switches to perform real time filtering on any malicious traffic.

Sets ACL to block specificMAC or IP address

D-Link Firewalls implement

ZoneDefense feature to

perform proactive network

security with D-Link switches

DES-3x26S

DES-3350SR

DES-3250TG

DES-3500 series

DES-3800 series

xStack series

Setup Examples

ZoneDefense

Page 3: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

3

• ZoneDefense is a proprietary solution from D-Link. It operates

with D-Link switches to isolate infected hosts that are generating

unusual traffic on LAN.

• It uses Threshold rules to examine connections through the

firewall and take actions upon them. The threshold rules monitor

the number of connections per second.

• When a pre-defined limit is reached, the firewall sends block

requests to the switches configured for ZoneDefense.

Setup Examples

ZoneDefense

Page 4: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

4

WAN1192.168.174.70/24

PC

PC

LAN1 IP: 192.168.1.1/24

DGS-3324SR192.168.1.250/24

INTERNET

Block HTTP requests for every host if it exceeds 4 sessions per second

Setup Examples

ZoneDefense

Page 5: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

5

Setup Examples

ZoneDefense

Setting up ZoneDefence in the firewall to control the ACL in a ZoneDefence aware switch.

Configuration Steps:

• Configure the switch.• Exclude the switch and Administrator’s PC.• Create and configure the Threshold rules.

Page 6: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

6

Verify communication between the firewall and the switch.

Check the SNMP community in the switch.

Command: “show snmp community”

Setup Examples

ZoneDefense

Page 7: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

7

Go to Objects > Address Book > Interface Addresses.

Create two new objects for the switch and for the administrator’s PC.

Setup Examples

ZoneDefense

Page 8: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

8

Go to Zone Defense > Switches.

Add a new switch and specify the model of the switch.

Set the correct SNMP community string. Check connectivity with the switch.

Setup Examples

ZoneDefense

Page 9: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

9

Go to Zone Defense > Exclude.

Add a new entry and select the Switch IP and the Administrator’s PC IP.

Setup Examples

ZoneDefense

Page 10: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

10

Go to Traffic Management > Threshold Rules. Create a new threshold rule. Select the required service and interfaces then click OK button.

Create a threshold action required. Set the desired threshold (connections per second). Enable Use ZoneDefense and click OK button.

Setup Examples

ZoneDefense

Page 11: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

11

Save and Activate the new configuration.

Setup Examples

ZoneDefense

Page 12: ZoneDefence v2 0 - files.dlink.com.au

D-Link Security

12

Setup Examples

ZoneDefense

Firewall ZoneDefense status:


Recommended