ZyWALL 2 Series User’s Guide
Table
LABEL | DESCRIPTION | DEFAULT VALUES |
|
|
|
Maximum Incomplete | This is the number of existing | 100 existing |
High | sessions that causes the firewall to start | The above values causes the |
| deleting | ZyWALL to start deleting half- |
| number of existing | open sessions when the number |
| above this number, the ZyWALL deletes half- | of existing |
| open sessions as required to accommodate | rises above 100, and to stop |
| new connection requests. Do not set | deleting |
| Maximum Incomplete High to lower than the | the number of existing |
| current Maximum Incomplete Low number. | sessions drops below 80. |
TCP Maximum | This is the number of existing | 30 existing |
Incomplete | sessions with the same destination host IP | sessions. |
| address that causes the firewall to start |
|
| dropping |
|
| destination host IP address. Enter a number |
|
| between 1 and 256. As a general rule, you |
|
| should choose a smaller number for a smaller |
|
| network, a slower system or limited |
|
| bandwidth. |
|
Blocking Period | When TCP Maximum Incomplete is reached | Select this check box to specify a |
| you can choose if the next session should be | number in minutes (min) text |
| allowed or blocked. If you check Blocking | box. |
| Period any new sessions will be blocked for |
|
| the length of time you specify in the next field |
|
| (min) and all old incomplete sessions will be |
|
| cleared during this period. If you want strong |
|
| security, it is better to block the |
|
| traffic for a short time, as it will give the server |
|
| some time to digest the loading. |
|
|
|
|
(min) | Enter the length of Blocking Period in | 0 |
| minutes. |
|
Apply | Click Apply to save your changes back to the ZyWALL. | |
|
| |
Reset | Click Reset to begin configuring this screen afresh. | |
|
|
|
Firewall Screens |