Prevention of DOS Attacks
-------------------------
The following list shows measures implemented in |VOSS-4-UC| to protect the system
against Denial of Service (DOS) attacks:

* Firewall protection:

  * TCP flood protection against:
   
    * the SSH port
    * web server ports

  * SYN flood protection

* Configurable session limits for the |VOSS-4-UC| platform SSH access is
  **Sessions per user** and **Sessions per application**. An administrator can
  set and modify the number of SSH sessions allowed:
  
  * system-wide (default is 10 if not set)
  * for a user (default is 10 if not set)
  
See SSH Session Limit for detailed information.
  
* The usage of ports, protocols, and services are registered with the DoD PPS Database

* An automated, continuous on-line monitoring of the system is implemented, with:

  * Audit trail creation capability in a format that a log viewing application can immediately
    alert personnel of any unusual or inappropriate activity with potential Information
    Assurance (IA) implications.
  * A command line command that a user can automatically disable the system if serious 
    IA violations are detected.

* Applications are monitored and notifications sent when resource conditions reach a
  predefined threshold indicating there may be attack occurring, for example through
  SNMP traps and triggers.

* High disk utilization is managed due to error notifications.
  For log files, disk utilization is managed by:

  * daily log rotation
  * 4 weeks of backlogs
  * the creation of new (empty) log files after rotating old ones
  * log file compression
  * a logging restriction of 20 messages per minute 

*  A continuous cycle of updating packages during releases is in place
   with notifications during updates. Commands to carry out a security
   check or update can be run at any time.

.. |VOSS-4-UC| replace:: VOSS-4-UC
.. |Unified CM| replace:: Unified CM