ZyXEL Communications 202H User Manual

Prestige 202H User’s Guide

Configuring Firewall with the Web Configurator

14-11

Table 14-4 Attack Alert

TCP Maximum

Incomplete

This is the number of existing half-open
TCP sessions with the same destination
host IP address that causes the firewall to
start dropping half-open sessions to that
same destination host IP address. Enter a
number between 1 and 250. As a general
rule, you should choose a smaller number
for a smaller network, a slower system or
limited bandwidth.

10 existing half-open TCP

sessions.

Blocking Time When TCP Maximum Incomplete is

reached you can choose if the next
session should be allowed or blocked. If
you select the Blocking Time checkbox,
any new sessions will be blocked for the
length of time you specify in the next field
(min) and all old incomplete sessions will
be cleared during this period. If you want
strong security, it is better to block the
traffic for a short time, as it will give the
server some time to digest the loading.

10

minutes (default)

(minute) Enter the length of Blocking Time in

minutes.

0

Click Back to return to the previous screen. Click Apply to save your customized settings and exit this
screen. Click Cancel to return to the previous configuration. Use the Help icon to view field
descriptions.