Security zones regarding ICMP Flood Attacks

Question

I found this statement describing ICMP Flood attacks and I am confused about the term "Security Zone" being used in it.

" Once the ICMP threshold is reached, the server will stop accepting any further ICMP ECHO requests from all addresses in the same security zone. "

What does "same security zone" mean ?

Thanks.

Edit:

Full text - " After the ICMP threshold is reached, the router rejects further ICMP echo requests from all addresses in the same security zone for the remainder of the current second and the next second as well. "

You "found" this statement where? There's no way to answer your question without knowing the context. — Michael Hampton, Mar 10 '13 at 04:35
I came across it in a CEH certification study slide about Denial Of Service. I will post the full text in the question. — iridescent, Mar 10 '13 at 04:47

score 0 · Accepted Answer · answered Mar 10 '13 at 10:06

A "security zone" is simply a named group of interfaces that have similar functions or security requirements. If you do not set up any zones, ICMP ECHO requests will be blocked from one address, which was sending flood packets to you.

But if you want to set up some security zones, you should group interfaces which are similar in terms of security requirements. For more detailed information and examples, you can consult this (http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.3.1/configuration/example/ZBF_ConfigExample.html#wp30979).

Security zones regarding ICMP Flood Attacks

1 Answers1