Manuals / ZyXEL Communications / Computer Equipment / Network Router

ZyXEL Communications 792H manual 256

Models: 792H

1 428
Download 428 pages 12.67 Kb
Page 141
Image 141

 

 

Prestige 792H G.SHDSL Router

 

 

Table 9-2 Alert

 

 

 

 

 

LABEL

DESCRIPTION

 

 

 

 

 

 

One Minute High

This is the rate of new half-open sessions that causes the firewall to start deleting

 

 

 

half-open sessions. The default is "100". When the rate of new connection attempts

 

 

 

rises above this number, the Prestige deletes half-open sessions as required to

 

 

 

accommodate new connection attempts. The Prestige stops deleting half-open

 

 

 

sessions when the number is less than the One Minute Low.

 

 

Maximum

This is the number of existing half-open sessions (default "80") that causes the

 

 

Incomplete Low

firewall to stop deleting half-open sessions.

 

 

 

The Prestige continues to delete half-open requests as necessary, until the number

 

 

 

of existing half-open sessions drops below this number.

 

 

 

 

 

 

Maximum

This is the number of existing half-open sessions (default "100") that causes the

 

 

Incomplete High

firewall to start deleting half-open sessions. When the number of existing half-open

 

 

 

sessions rises above this number, the Prestige deletes half-open sessions as

 

 

 

required to accommodate new connection requests. The Prestige stops deleting half-

 

 

 

open sessions when the number is less than the Max Incomplete Low.

 

 

 

Do not set Maximum Incomplete High to lower than the current Max Incomplete

 

 

 

Low number.

 

 

TCP Maximum

This is the number of existing half-open TCP sessions (default "10") with the same

 

 

Incomplete

destination host IP address that causes the firewall to start dropping half-open

 

 

 

sessions to that same destination host IP address. Enter a number between 1 and

 

 

 

256.

 

 

 

As a general rule, you should choose a smaller number for a smaller network, a

 

 

 

slower system or limited bandwidth.

 

 

 

 

 

 

Blocking Time

When TCP Maximum Incomplete is reached you can choose if the next session

 

 

 

should be allowed or blocked. If you select Blocking Time, any new sessions will be

 

 

 

blocked for the length of time you specify in the next field (min) and all old

 

 

 

incomplete sessions will be cleared during this period.

 

 

 

If you want strong security, it is better to block the traffic for a short time, as it will give

 

 

 

the server some time to digest the loading.

 

 

(min)

Type the length of Blocking Time in minutes (1-256). The default is "0".

 

 

 

 

 

 

Back

Click Back to return to the previous screen.

 

 

 

 

 

 

Apply

Click Apply to save your customized settings and exit this screen.

 

 

 

 

 

 

Cancel

Click Cancel to return to the previously saved settings.

 

 

 

 

 

Firewall Configuration

9-7

Page 140 Page 142
Page 141
Image 141
ZyXEL Communications 792H manual 256
Page 140 Page 142