
ZyXEL Communications ZyXEL ZyAIR 100 User Manual


ZyWALL 10~100 Series Internet Security Gateway

Firewall Screens


Table 12-6 Attack Alert

| LABEL | DESCRIPTION | DEFAULT VALUES |
|---|---|---|
| One Minute High | This is the rate of new half-open sessions that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number, the ZyWALL deletes half-open sessions as required to accommodate new connection attempts. | 100 half-open sessions per minute. The above numbers cause the ZyWALL to start deleting half-open sessions when more than 100 session establishment attempts have been detected in the last minute, and to stop deleting half-open sessions when fewer than 80 session establishment attempts have been detected in the last minute. |
| Maximum Incomplete Low | This is the number of existing half-open sessions that causes the firewall to stop deleting half-open sessions. The ZyWALL continues to delete half-open requests as necessary, until the number of existing half-open sessions drops below this number. | 80 existing half-open sessions. |
| Maximum Incomplete High | This is the number of existing half-open sessions that causes the firewall to start deleting half-open sessions. When the number of existing half-open sessions rises above this number, the ZyWALL deletes half-open sessions as required to accommodate new connection requests. Do not set Maximum Incomplete High lower than the current Maximum Incomplete Low number. | 100 existing half-open sessions. The above values cause the ZyWALL to start deleting half-open sessions when the number of existing half-open sessions rises above 100, and to stop deleting half-open sessions when the number of existing half-open sessions drops below 80. |
| TCP Maximum Incomplete | This is the number of existing half-open TCP sessions with the same destination host IP address that causes the firewall to start dropping half-open sessions to that same destination host IP address. Enter a number between 1 and 256. As a general rule, you should choose a smaller number for a smaller network, a slower system or limited bandwidth. | 10 existing half-open TCP sessions. |
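
The start/stop behaviour in Table 12-6 can be modelled as two high/low threshold pairs plus a per-destination limit. The following is an added example, not ZyXEL firmware code: the names AttackAlert, hysteresis, update and run are hypothetical, the sample data is constructed, and it assumes the rate and count thresholds are evaluated independently and that the per-host limit trips when a destination reaches the configured number.

```python
from dataclasses import dataclass, field

def hysteresis(active, value, low, high):
    """On above `high`, off below `low`, otherwise keep the previous state."""
    return True if value > high else False if value < low else active

@dataclass
class AttackAlert:
    # Defaults from Table 12-6; the low rate of 80 comes from the One Minute High default text.
    one_minute_high: int = 100
    one_minute_low: int = 80
    max_incomplete_high: int = 100
    max_incomplete_low: int = 80
    tcp_max_incomplete: int = 10
    rate_on: bool = field(default=False, init=False)
    count_on: bool = field(default=False, init=False)

    def __post_init__(self):
        if self.max_incomplete_high < self.max_incomplete_low:
            raise ValueError("Maximum Incomplete High is lower than Maximum Incomplete Low")
        if not 1 <= self.tcp_max_incomplete <= 256:
            raise ValueError("TCP Maximum Incomplete must be between 1 and 256")

    def update(self, new_per_minute, half_open_by_dest):
        """Return (deleting, destinations at or over the per-host TCP limit)."""
        existing = sum(half_open_by_dest.values())
        # Assumption: the rate pair and the count pair each keep their own state.
        self.rate_on = hysteresis(self.rate_on, new_per_minute,
                                  self.one_minute_low, self.one_minute_high)
        self.count_on = hysteresis(self.count_on, existing,
                                   self.max_incomplete_low, self.max_incomplete_high)
        # Assumption: the limit is hit when a host reaches the configured number.
        flooded = sorted(ip for ip, n in half_open_by_dest.items()
                         if n >= self.tcp_max_incomplete)
        return (self.rate_on or self.count_on), flooded

# Constructed samples: (new half-open sessions in the last minute, half-open TCP per destination)
SAMPLES = [
    (40, {"192.0.2.10": 3, "192.0.2.20": 2}),     # quiet
    (120, {"192.0.2.10": 60, "192.0.2.20": 50}),  # both High thresholds exceeded
    (90, {"192.0.2.10": 50, "192.0.2.20": 40}),   # between Low and High: still deleting
    (60, {"192.0.2.10": 12, "192.0.2.20": 5}),    # below Low, one host over its own limit
]

def run(samples=SAMPLES):
    alert = AttackAlert()
    return [alert.update(rate, by_dest) for rate, by_dest in samples]
```

The third sample shows why the Low values matter: deletion continues until the measurements fall below 80, not merely below 100. The fourth shows the per-destination limit acting even when the global thresholds are quiet.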