Configuring an emergency setup

You can use the emergency setup option to adjust only certain key thresholds based on empirical knowledge. You can expect these adjustments to protect against common attacks. For example, if you are already under attack, you can use emergency setup to deploy the unit without an initial learning period.

Table 31: Emergency setup configuration
Settings	Default
Inbound SYN Threshold	500
Outbound SYN Threshold	500
Inbound SYN/Source Threshold	500
Outbound SYN/Source Threshold	500
Inbound Most Active Source Threshold	10,000
Outbound Most Active Source Threshold	10,000
Inbound Concurrent Connections per Source Threshold	500
Outbound Concurrent Connections per Source Threshold	500
Inbound Concurrent Connections per Destination Threshold	1,000,000
Outbound Concurrent Connections per Destination Threshold	1,000,000


	To configure with the CLI, use a command sequence similar to the following: edit <spp_name> config ddos spp threshold-adjust set threshold-adjustment-type easy-setup set threshold-easy-setup-inbound-syn-threshold <integer> set threshold-easy-setup-outbound-syn-threshold <integer> set threshold-easy-setup-inbound-syn-per-source-threshold <integer> set threshold-easy-setup-outbound-syn-per-source-threshold <integer> set threshold-easy-setup-inbound-most-active-source-threshold <integer> set threshold-easy-setup-outbound-most-active-source-threshold <integer> set threshold-easy-setup-inbound- concurrent-connections-per-source-threshold <integer> set threshold-easy-setup-outbound- concurrent-connections-per-source-threshold <integer> set threshold-easy-setup-inbound- concurrent-connections-per-destination-threshold <integer> set threshold-easy-setup-outbound- concurrent-connections-per-destination-threshold <integer> set threshold-easy-setup-inbound- concurrent-invite-per-source-threshold <integer> set threshold-easy-setup-outbound- concurrent-invite-per-source-threshold <integer> end