DoS attacks are done by initiating as many sessions as possible on the victim server as an attempt to make this server unresponsive or unavailable. Untangle Shield (previously known as Attack Blocker) is used to protect Untangle NGFW and the network against DoS attacks.
The Shield (located under Config | System | Shield) monitors the clients' session creation rate. Every time a client initiates a session, the Shield will calculate the session creation rate of that client. If this rate is considered to be too high, the Shield will refuse any additional sessions from that client.
Note
The Shield is enabled by default and should not be disabled unless for troubleshooting.
The Shield runs during session initialization, and it only monitors the session creation rate. The Shield is not able to see or scan the session traffic.
The default session creation rate limit is one user (which is a reasonable number of sessions that can be created by a single...