
Sophos Intrusion Prevention

Hi

At the moment I have no flags on the TCP and UDP Flood Protection. It seems the average packet size I've researched has little effect when flagged as I have dropped packets galore after setting these values, and then flagging them.

I have the following settings:

SYN Flood 12000/100 - FLAGGED - 12000/100 - FLAGGED

UDP Flood 12000/100 - NOT FLAGGED - 18000/100 - FLAGGED

TCP Flood 12000/1500 - NOT FLAGGED - 12000/1500 - NOT FLAGGED

ICMP/ICMPv6 Flood 1200/100 - FLAGGED - 300/100 - FLAGGED

Dropped Source Routed Packets - FLAGGED

Disable ICMP/ICMPv6 Redirect Packet - FLAGGED

ARP Hardening - NOT FLAGGED

Any help would be appreciated as I feel a bit vulnerable at the moment and am new to Sophos and NGFWs in general!



This thread was automatically locked due to age.
  • Hi Samuel,

    You may refer to our administration guide and set the settings as per your requirement.

    SYN Flood 1200/100 - FLAGGED - 1200/100 - FLAGGED

    UDP Flood 5000/100 - FLAGGED - 5000/100 - FLAGGED

    TCP Flood 12000/1500 - NOT FLAGGED - 12000/1500 - NOT FLAGGED

    ICMP/ICMPv6 Flood 1200/100 - FLAGGED - 300/100 - FLAGGED

    Dropped Source Routed Packets - FLAGGED

    Disable ICMP/ICMPv6 Redirect Packet - FLAGGED

    ARP Hardening - NOT FLAGGED

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

