ZyXEL Communications Internet Security Gateway ZyWALL 100 User Manual

ZyWALL 100 Internet Security Gateway

Using the ZyWALL Web Configurator

Denial of Service Thresholds

Field: One Minute Low
Description: This is the rate of new half-open sessions that causes the firewall to stop deleting half-open sessions. The ZyWALL continues to delete half-open sessions as necessary, until the rate of new connection attempts drops below this number.
Default values: 80 existing half-open sessions.

Field: One Minute High
Description: This is the rate of new half-open sessions that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number, the ZyWALL deletes half-open sessions as required to accommodate new connection attempts.
Default values: 100 half-open sessions per minute. The above numbers cause the ZyWALL to start deleting half-open sessions when more than 100 session establishment attempts have been detected in the last minute, and to stop deleting half-open sessions when fewer than 80 session establishment attempts have been detected in the last minute.

Field: Maximum Incomplete Low
Description: This is the number of existing half-open sessions that causes the firewall to stop deleting half-open sessions. The ZyWALL continues to delete half-open requests as necessary, until the number of existing half-open sessions drops below this number.
Default values: 80 existing half-open sessions.

Field: Maximum Incomplete High
Description: This is the number of existing half-open sessions that causes the firewall to start deleting half-open sessions. When the number of existing half-open sessions rises above this number, the ZyWALL deletes half-open sessions as required to accommodate new connection requests. Do not set Maximum Incomplete High lower than the current Maximum Incomplete Low number.
Default values: 100 half-open sessions per minute. The above values cause the ZyWALL to start deleting half-open sessions when the number of existing half-open sessions rises above 100, and to stop deleting half-open sessions when the number of existing half-open sessions drops below 80.

Field: TCP Maximum Incomplete
Description: This is the number of existing half-open TCP sessions with the same destination host IP address that causes the firewall to start dropping half-open sessions to that
Default values: 10 existing half-open TCP sessions.
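
The start/stop behaviour of the One Minute and Maximum Incomplete High/Low pairs in the table above, modelled as an added Python example (not ZyXEL code and not part of the manual). It assumes that one half-open session, the oldest, is deleted for each new attempt while a threshold is tripped; the class and method names are illustrative.

```python
from collections import deque

class Watermark:
    """High/low pair: start above High, stop below Low, otherwise keep state."""
    def __init__(self, low, high):
        if high < low:  # the table warns against setting High lower than Low
            raise ValueError("High must not be lower than Low")
        self.low, self.high, self.active = low, high, False

    def update(self, value):
        if value > self.high:
            self.active = True
        elif value < self.low:
            self.active = False
        return self.active  # between Low and High the previous state is kept

class HalfOpenTracker:
    """Toy model of the thresholds with the table's defaults; times in seconds."""
    def __init__(self, minute=(80, 100), incomplete=(80, 100)):
        self.rate = Watermark(*minute)        # One Minute Low / High
        self.count = Watermark(*incomplete)   # Maximum Incomplete Low / High
        self.attempts = deque()   # arrival times of attempts in the last minute
        self.half_open = deque()  # arrival times of existing half-open sessions
        self.deleted = 0

    def deleting(self, now):
        """Re-evaluate both thresholds; True while either one is tripped."""
        while self.attempts and now - self.attempts[0] >= 60:
            self.attempts.popleft()
        by_rate = self.rate.update(len(self.attempts))
        by_count = self.count.update(len(self.half_open))
        return by_rate or by_count

    def new_attempt(self, now):
        """Record an establishment attempt; True if a session was deleted."""
        self.attempts.append(now)
        self.half_open.append(now)
        if not self.deleting(now):
            return False
        self.half_open.popleft()  # assumption: oldest half-open session goes first
        self.deleted += 1
        return True

    def handshake_completed(self, now):
        """A session became fully established and is no longer half-open."""
        if self.half_open:
            self.half_open.popleft()
        return self.deleting(now)
```

With the defaults, deletion that starts above 100 continues through the 80 to 100 band and ends only once the measured value is below 80, which keeps the firewall from toggling on every connection near a single limit.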