Shield - Revision history

Græmer: /* Shield */

2022-05-03T16:20:38Z

Shield

← Older revision		Revision as of 16:20, 3 May 2022
Line 4:		Line 4:

	The shield monitors the session creation rate of the clients creating sessions.		The shield monitors the session creation rate of the clients creating sessions.
	Each time a session is processed by ~~Untangle~~ the shield calculates the current session creation rate of the client initiating the session. If the session creation rate of the client reaches a level that the shield considers too aggressive the session creation rate of that client is limited to that level.		Each time a session is processed by NG Firewall the shield calculates the current session creation rate of the client initiating the session. If the session creation rate of the client reaches a level that the shield considers too aggressive the session creation rate of that client is limited to that level.

	{{TriScreenshot\|config\|system\|shield}}		{{TriScreenshot\|config\|system\|shield}}

	This process protects the ~~Untangle~~ server and also protects the network from [http://en.wikipedia.org/wiki/Denial-of-service_attack Denial of Service (DOS) attacks].		This process protects the NG Firewall server and also protects the network from [http://en.wikipedia.org/wiki/Denial-of-service_attack Denial of Service (DOS) attacks].

	== Enable Shield ==		== Enable Shield ==

Dmorris at 19:17, 12 June 2017

2017-06-12T19:17:18Z

← Older revision		Revision as of 19:17, 12 June 2017
Line 5:		Line 5:
	The shield monitors the session creation rate of the clients creating sessions.		The shield monitors the session creation rate of the clients creating sessions.
	Each time a session is processed by Untangle the shield calculates the current session creation rate of the client initiating the session. If the session creation rate of the client reaches a level that the shield considers too aggressive the session creation rate of that client is limited to that level.		Each time a session is processed by Untangle the shield calculates the current session creation rate of the client initiating the session. If the session creation rate of the client reaches a level that the shield considers too aggressive the session creation rate of that client is limited to that level.

			{{TriScreenshot\|config\|system\|shield}}

	This process protects the Untangle server and also protects the network from [http://en.wikipedia.org/wiki/Denial-of-service_attack Denial of Service (DOS) attacks].		This process protects the Untangle server and also protects the network from [http://en.wikipedia.org/wiki/Denial-of-service_attack Denial of Service (DOS) attacks].

Dmorris at 03:35, 27 December 2016

2016-12-27T03:35:45Z

New page

<span style="display:none" class="helpSource system_shield">Shield</span>

= Shield =

The shield monitors the session creation rate of the clients creating sessions.
Each time a session is processed by Untangle the shield calculates the current session creation rate of the client initiating the session. If the session creation rate of the client reaches a level that the shield considers too aggressive the session creation rate of that client is limited to that level.

This process protects the Untangle server and also protects the network from [http://en.wikipedia.org/wiki/Denial-of-service_attack Denial of Service (DOS) attacks].

== Enable Shield ==

If checked, the shield is enabled. If unchecked the shield is disabled. ''Warning:'' do not disable the shield. Doing so may cause performance and stability issues. This checkbox is provided to allow for troubleshooting. It is never suggested to leave the shield disabled after any troubleshooting steps.

Note, the shield ''only'' looks at new session requests, it does not influence or process traffic of existing sessions.
It also does not scan bypassed sessions.

== Shield Rules ==

Shield rules are evaluated at session creation time. The [[Rules|rules documentation]] describes how rules are processed.

If one of the rules matches, the action from the first matching rules is applied. If no shield rule matches the session is scanned.

If the session is scanned if the current session creation rate is too high, the packet will be dropped. If the current session creation rate is not too high, the current session creation rate is adjusted to account for this new session and the session is allowed.

== Reports ==

{{:Shield Reports}}

== FAQ ==

=== Does the Shield limit bandwidth? ===

No, the Shield only looks at new session requests. After the session is accepted the data of that session is not scanned by the shield. It has no capability to see or process the data of accepted connections.