
SYN Flood Protection Overview
Beginning with SonicOS Enhanced 3.1, SonicWALL uses stateless SYN cookies to
provide SYN Flood protection.This approach increases the reliability of SYN Flood
detection and also improves overall resource utilization on the SonicWALL. By using
stateless SYN cookies, the SonicWALL does not have to maintain the state of half-
opened connections. As opposed to randomness, SonicWALL uses a cryptographic
calculation to arrive at SEQs.
SonicWALL provides the capability to protect against SYN Flood attacks that
originate from the LAN or the WAN. Attacks on the LAN are generally caused by
devices that are infected with a virus,