Intrusion prevention

With intrusion prevention, you can examine network traffic for anomalies to prevent DoS and other spoofing attacks. Using policies, you can define rules that specify an action to take when traffic matches signature criteria. You can specify protection on a zone-specific basis and limit traffic to trusted MAC addresses or IP–MAC pairs. You can also create rules to bypass DoS inspection.