SIGN:UDP-FLOOD
In this section we will configure the UDP flood detection.
The detection is enabled by default and it triggers when a victim receives 20'000 UDP packets per second for at least 10 seconds.
Enable/disable detection
| Product | Guardian |
| Syntax | conf.user configure vi udp_flood_detection enabled [true|false] |
| Description | Enable (option true) or disable (option false) the UDP flood detection.
|
| Where | CLI |
| To apply | It is applied automatically |
Set detection threshold
| Product | Guardian |
| Syntax | conf.user configure vi udp_flood_detection packets_per_second <threshold> |
| Description | Set the UDP flood detection threshold, in packets per second. |
| Parameters | threshold: The amount of UDP packets per second to be transmitted to a victim
for at least 10 seconds in order to trigger the detection (default: 20000) |
| Where | CLI |
| To apply | It is applied automatically |
For example, we can configure the UDP flood detection to trigger when a victim receives 40'000 UDP packets per
second for at least 10 seconds with the following configuration command:
vi udp_flood_detection packets_per_second 40000