Many network security devices or appliances are configured to be managed via a network. For example, in many implementations, a user or administrator may connect, from another computing device on the local network or on an external network, to a predetermined address of a server hosted by the network security device, such as a web server. The user or administrator may then view logs, change configuration settings, or perform other maintenance tasks. However, many types of network attacks may prevent successful connection to or administration of the appliance, such as denial of service attacks that consume all of the available bandwidth. In many such instances, a user or administrator may have to manually reboot the appliance and/or disconnect it from an external network. Furthermore, upon reattachment to the external network, the attack may continue.