ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

Table 5-5. Session Limit Settings

Setting

Description (or Subfield and Description)

 

 

Session Limit

 

 

 

User Limit Parameter

From the User Limit Parameter pull-down menu, select one of the following

 

options:

 

Percentage of Max Sessions. A percentage of the total session connection

 

capacity of the UTM.

 

Number of Sessions. An absolute number of maximum sessions.

User Limit

Enter a number to indicate the user limit.

 

If the User Limit Parameter is set to Percentage of Max Sessions, the number

 

specifies the maximum number of sessions that are allowed from a single-

 

source device as a percentage of the total session connection capacity of the

 

UTM. (The session limit is per-device based.)

 

If the User Limit Parameter is set to Number of Sessions, the number specifies

 

an absolute value.

 

Note: Some protocols such as FTP and RSTP create two sessions per

 

connection, which should be considered when configuring a session limit.

 

 

Total Number of

This is a non-configurable counter that displays the total number of dropped

Packets Dropped due

packets when the session limit is reached.

to Session Limit

 

 

 

Session Timeout

 

 

 

TCP Timeout

For each protocol, specify a timeout in seconds. A session expires if no data for

 

the session is received for the duration of the timeout period. The default

UDP Timeout

timeout periods are 1200 seconds for TCP sessions, 180 seconds for UDP

 

ICMP Timeout

sessions, and 8 seconds for ICMP sessions.

 

 

5.Click Apply to save your settings.

Managing the Application Level Gateway for SIP Sessions

The Application Level Gateway (ALG) facilitates multimedia sessions such as voice over IP (VoIP) sessions that use the Session Initiation Protocol (SIP) across the firewall and provides support for multiple SIP clients. ALG support for SIP is disabled by default.

To enable ALG for SIP:

1.Select Network Security > Firewall from the menu. The Firewall submenu tabs appear.

2.Click the Advanced submenu tab. The Advanced screen displays (see Figure 5-13 on page 5-25).

5-24

Firewall Protection

v1.0, September 2009

Page 138
Image 138
NETGEAR UTM25-100NAS Managing the Application Level Gateway for SIP Sessions, Session Limit Settings, Session Timeout