Figure 69 firewall: threshold, Table 49 firewall: threshold – ZyXEL Communications Prestige 2602R Series User Manual

Prestige 2602R Series User’s Guide

168

Chapter 13 Firewall Configuration

The Prestige also sends alerts whenever TCP Maximum Incomplete is exceeded. The global
values specified for the threshold and timeout apply to all TCP connections.

Click Firewall, and Threshold to bring up the next screen.

Figure 69 Firewall: Threshold

The following table describes the labels in this screen.

Table 49 Firewall: Threshold

LABEL

DESCRIPTION

DEFAULT VALUES

Denial of Service

Thresholds

One Minute Low

This is the rate of new half-open sessions that

causes the firewall to stop deleting half-open

sessions. The Prestige continues to delete

half-open sessions as necessary, until the

rate of new connection attempts drops below

this number.

80 existing half-open sessions.

One Minute High

This is the rate of new half-open sessions that

causes the firewall to start deleting half-open

sessions. When the rate of new connection

attempts rises above this number, the

Prestige deletes half-open sessions as

required to accommodate new connection

attempts.

100 half-open sessions per minute.

The above numbers cause the

Prestige to start deleting half-open

sessions when more than 100

session establishment attempts

have been detected in the last

minute, and to stop deleting half-

open sessions when fewer than 80

session establishment attempts

have been detected in the last

minute.

Maximum

Incomplete Low

This is the number of existing half-open

sessions that causes the firewall to stop

deleting half-open sessions. The Prestige

continues to delete half-open requests as

necessary, until the number of existing half-

open sessions drops below this number.

80 existing half-open sessions.