ZyXEL Communications ZYWALL10 User Manual
Page 187
ZyWALL 10 Internet Security Gateway
15-10
Introducing the ZyWALL Web Configurator
Table 15-3 Attack Alert
FIELD
DESCRIPTION
DEFAULT VALUES
Generate alert when
attack detected
A detected attack automatically generates
a log entry. Check this box to generate an
alert (as well as a log) whenever an attack
is detected. See the Logs Chapter for
more information on logs and alerts.
Denial of Service Thresholds
One Minute Low
This is the rate of new half-open sessions
that causes the firewall to stop deleting
half-open sessions. The ZyWALL
continues to delete half-open sessions as
necessary, until the rate of new
connection attempts drops below this
number.
80 existing half-open
sessions.
One Minute High
This is the rate of new half-open sessions
that causes the firewall to start deleting
half-open sessions. When the rate of new
connection attempts rises above this
number, the ZyWALL deletes half-open
sessions as required to accommodate
new connection attempts.
100 half-open sessions
per minute. The above
numbers cause the
ZyWALL to start deleting
half-open sessions when
more than 100 session
establishment attempts
have been detected in the
last minute, and to stop
deleting half-open
sessions when fewer than
80 session establishment
attempts have been
detected in the last
minute.
Maximum Incomplete
Low
This is the number of existing half-open
sessions that causes the firewall to stop
deleting half-open sessions. The ZyWALL
continues to delete half-open requests as
necessary, until the number of existing
half-open sessions drops below this
number.
80 existing half-open
sessions.
Maximum Incomplete
High
This is the number of existing half-open
sessions that causes the firewall to start
deleting half-open sessions. When the
number of existing half-open sessions
100 half-open sessions
per minute. The above
values causes the
ZyWALL to start deleting