Flow Options

SYN Cookie is a stateless SYN proxy mechanism you can use in conjunction with traditional SYN flood defenses to protect a security device against a SYN flood attack. Like a traditional SYN proxy, SYN Cookie is activated when the syn-flood attack-threshold is exceeded. You must set an attack threshold before enabling SYN Cookie.

To Enable SYN Cookie

To enable the SYN Cookie feature globally on a security device:

  1. Set a SYN flood attack threshold (see Screen Options).

  2. Select the TCP SYN proxy SYN cookie check box.

  3. Click Apply to save your settings.