
Security Best Practice: Familiarize Yourself with the Network Quota Protection

Check Point Reference: SBP-2008-28
Date Published:
Severity:
Source: IPS Research Center
Industry Reference(s): CVE-2002-0957, CVE-2002-0629
Protection Provided by: Security Gateway R70; VPN-1 NGX R65; VSX NGX R65
Who is Vulnerable?
Computers and Networks
Vulnerability Description
Network Quota enforces a limit on the number of connections allowed from the same source IP, to protect against denial-of-service attacks.
Vulnerability Details
When a certain source exceeds the number of allowed connections, Network Quota can either block all new connection attempts from that source or track the event.
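
A minimal model of the behaviour described above, added here as an illustration; it is not Check Point's code. The `NetworkQuota` class, the one-second sliding window, and the rule that blocking ends once the source drops back under the limit are assumptions: the page specifies only a per-source connection limit and the choice between blocking and tracking.

```python
from collections import defaultdict, deque

class NetworkQuota:
    """Toy per-source connection quota; times are integer milliseconds."""

    def __init__(self, limit, window_ms=1000, action="prevent"):
        if action not in ("prevent", "detect"):
            raise ValueError("action must be 'prevent' or 'detect'")
        self.limit, self.window_ms, self.action = limit, window_ms, action
        self._recent = defaultdict(deque)  # source IP -> times of counted connections
        self.events = []                   # (time, source IP) per quota violation

    def new_connection(self, src, ts):
        """Return True if the connection is allowed, False if it is dropped."""
        recent = self._recent[src]
        while recent and ts - recent[0] >= self.window_ms:
            recent.popleft()               # forget connections outside the window
        if len(recent) >= self.limit:
            self.events.append((ts, src))  # the page's "Network quota was exceeded"
            if self.action == "prevent":
                return False               # dropped, so not counted against the quota
        recent.append(ts)                  # detect mode tracks the event but still allows
        return True

def replay(connections, limit, window_ms, action):
    """Feed (time, source) pairs through the quota; return allowed counts and events."""
    quota = NetworkQuota(limit, window_ms, action)
    allowed = defaultdict(int)
    for ts, src in connections:
        if quota.new_connection(src, ts):
            allowed[src] += 1
    return dict(allowed), quota.events

# Constructed sample traffic (documentation addresses): one source bursts 8
# connections in 0.7 s and returns at t=3 s; the other stays well under the limit.
BURSTY, QUIET = "198.51.100.7", "192.0.2.10"
SAMPLE = sorted([(100 * i, BURSTY) for i in range(8)] + [(3000, BURSTY)]
                + [(0, QUIET), (500, QUIET), (2000, QUIET)])

if __name__ == "__main__":
    for action in ("prevent", "detect"):
        allowed, events = replay(SAMPLE, limit=5, window_ms=1000, action=action)
        print(action, allowed, f"{len(events)} violation(s)")
```

With a limit of 5, prevent mode lets 6 of the bursty source's 9 connections through, while detect mode passes all 9 and records the same three violations.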

Protection Overview
This protection enforces a limit upon the number of connections that are allowed from the same source IP.

To configure the defense, select your product from the list below and follow the related protection steps.

Security Gateway R70

How Can I Protect My Network?
1. In the IPS tab, click Protections > By Protocol > Network Security > IP and ICMP.
2. In the right pane, double-click the Network Quota protection.
3. In the Protection Details window, click on Edit. Choose the protection's Action (Override IPS Policy with: Prevent/Detect), and apply Additional Settings.
4. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:

Attack Name: Network Quota Violation
Attack Information: Network quota was exceeded

VPN-1 NGX R65 & VPN-1 VSX NGX R65

How Can I Protect My Network?
1. In the SmartDefense tab, click Network Security > IP and ICMP.
2. Select the following protection: Network Quota
3. In the configuration pane, under Settings > Mode, check Active. Apply additional settings.
4. Install policy on all modules.

How Do I Know if My Network is Under Attack?
SmartView Tracker will log the following entries:

Attack Name: Network Quota Violation
Attack Information: Network quota was exceeded