ZyXEL Communications ZYWALL10 User Manual

ZyWALL 10 Internet Security Gateway

Introducing the ZyWALL Web Configurator

15-11

FIELD

DESCRIPTION

DEFAULT VALUES

rises above this number, the ZyWALL
deletes half-open sessions as required to
accommodate new connection requests.
Do not set Maximum Incomplete High to
lower than the current Maximum
Incomplete Low number.

half-open sessions when

the number of existing

half-open sessions rises

above 100, and to stop

deleting half-open

sessions with the number

of existing half-open

sessions drops below 80.

TCP Maximum

Incomplete

This is the number of existing half-open
TCP sessions with the same destination
host IP address that causes the firewall to
start dropping half-open sessions to that
same destination host IP address. Enter a
number between 1 and 250. As a general
rule, you should choose a smaller number
for a smaller network, a slower system or
limited bandwidth.

10 existing half-open TCP

sessions.

Blocking Time

When TCP Maximum Incomplete is
reached you can choose if the next
session should be allowed or blocked. If
you check Blocking Time any new
sessions will be blocked for the length of
time you specify in the next field (min) and
all old incomplete sessions will be cleared
during this period. If you want strong
security, it is better to block the
traffic for a short time, as it will give the
server some time to digest the loading.

Check this checkbox to

specify a number in

minutes (min) text box.

(min)

Enter the length of Blocking Time in
minutes.

10

When you have finished, click Apply to save your customized settings and exit this screen,
Cancel to exit this screen without saving, or Help for online HTML help on fields in this screen.