Chapter 15 Firewall

15.5.1.1 Threshold Values

If everything is working properly, you probably do not need to change the threshold settings as the default threshold values should work for most small offices. Tune these parameters when you believe the AMG1312-T Series has been receiving DoS attacks that are not recorded in the logs or the logs show that the AMG1312-T Series is classifying normal traffic as DoS attacks. Factors influencing choices for threshold values are:

1The maximum number of opened sessions.

2The minimum capacity of server backlog in your LAN network.

3The CPU power of servers in your LAN network.

4Network bandwidth.

5Type of traffic for certain servers.

Reduce the threshold values if your network is slower than average for any of these factors (especially if you have servers that are slow or handle many tasks and are often busy).

If you often use P2P applications such as file sharing with eMule or eDonkey, it’s recommended that you increase the threshold values since lots of sessions will be established during a small period of time and the AMG1312-T Series may classify them as DoS attacks.

15.5.2Configuring Firewall Thresholds

Click Security > Firewall > DoS > Advanced to display the following screen.

Figure 93 Security > Firewall > DoS > Advanced

180

 

AMG1312-T Series User’s Guide