Network Coverage
-
Monitored /24 subnets
Active Threats
-
Subnets under DDoS attack
System Mode
-
-
Network Interface
- packets/sec
Loading data...

Protected Networks

Active monitoring of /24 subnet ranges

Loading protected networks...

Protection Rules

Configure packet validation and attack mitigation mechanisms
Toggle Convention
ON = Protection active (recommended) | OFF = Protection disabled

TCP Protection

14 rules
Challenge & Validation
SYN Packet Rules
SYN-ACK Packet Rules
Other TCP Rules

UDP Protection

14 rules
Basic Validation
Amplification Protection
DNS Protection
QUIC / HTTP3

ICMP Protection

2 rules

Detection System

System-level detection, monitoring, and adaptive response controls
SYSTEM
Adaptive Mode
When DDoS Detection is ON, protections activate only during detected attacks. When OFF, all protections are always active.

System Controls

6 controls

Maintenance

1 action
Flush TCP Established
Clear all validated TCP connections

Advanced Configuration

Fine-tune detection thresholds, timing parameters, and validation rules
EXPERT
Configuration Impact Notice
These parameters directly control DDoS mitigation behavior. Incorrect values may reduce protection effectiveness or cause legitimate traffic drops. Default values are optimized for most production environments.

Rate Thresholds

Packets per second limits that trigger automatic protection

Challenge Configuration

TCP challenge-response mechanism timing and behavior

Flood Detection

Per-IP and distributed attack detection parameters

Packet Validation

Size constraints for TCP handshake packets

Event Sampling

Control event logging frequency to manage overhead

Event Logging Filter

Control which events are logged to the ring buffer for monitoring
PERFORMANCE
Performance Notice
Enabling many events increases CPU overhead. Use "Recommended" preset for production or disable unnecessary events. Changes take effect immediately.

TCP Events

Challenge validation, handshake events, and TCP-specific drops

UDP Events

Amplification attacks, DNS protection, and UDP flood detection

ICMP Events

ICMP anti-spoofing and validation events

IP Whitelist Management

Manage trusted IPs that bypass DDoS protections during attacks
BYPASS
Important Notice
Whitelisted IPs bypass all DDoS protections only during active attacks. When no attack is detected, normal processing applies. Use this for trusted sources like monitoring systems, CDN backends, or partner servers.

Add IP to Whitelist

Add a single IP or CIDR range (e.g., 192.168.1.1 or 10.0.0.0/24)

Current Whitelist

IPs currently in the whitelist (0 entries)

IP / CIDR Country ASN Actions
Loading whitelist...

Bypass

Traffic to these IPs will bypass ALL protections. Use for testing when a client reports issues to determine if ZEUS is causing false positives.

Add IP to Bypass

Current Bypass List

IPs currently bypassing protections (0 entries)

IP / CIDR Actions
Loading bypass list...