About Default Threat Protection
WatchGuard Fireware OS and the policies you create give you strict control over access to your network. A strict access policy helps keep hackers out of your network. But, there are other types of attacks that a strict policy cannot defeat. Careful configuration of default threat protection options for the Firebox can stop threats such as SYN flood attacks, spoofing attacks, and port or address space probes.
With default threat protection, a firewall examines the source and destination of each packet it receives. It looks at the IP address and port number and monitors the packets to look for patterns that show your network is at risk. If a risk exists, you can configure the Firebox to automatically block a possible attack. This proactive method of intrusion detection and prevention keeps attackers out of your network.
To configure default threat protection, see:
You can also purchase an upgrade for your Firebox to use signature-based intrusion prevention. For more information, see About Gateway AntiVirus.