Firewall Thresholds

| LABEL | DESCRIPTION | DEFAULT VALUES |
| --- | --- | --- |
| Denial of Service Thresholds | | |
| One Minute Low | This is the rate of new half-open sessions that causes the firewall to stop deleting half-open sessions. The ZyXEL Device continues to delete half-open sessions as necessary, until the rate of new connection attempts drops below this number. | 80 existing half-open sessions. |
| One Minute High | This is the rate of new half-open sessions that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number, the ZyXEL Device deletes half-open sessions as required to accommodate new connection attempts. | 100 half-open sessions per minute. The above numbers cause the ZyXEL Device to start deleting half-open sessions when more than 100 session establishment attempts have been detected in the last minute, and to stop deleting half-open sessions when fewer than 80 session establishment attempts have been detected in the last minute. |
| Maximum Incomplete Low | This is the number of existing half-open sessions that causes the firewall to stop deleting half-open sessions. The ZyXEL Device continues to delete half-open requests as necessary, until the number of existing half-open sessions drops below this number. | 80 existing half-open sessions. |
| Maximum Incomplete High | This is the number of existing half-open sessions that causes the firewall to start deleting half-open sessions. When the number of existing half-open sessions rises above this number, the ZyXEL Device deletes half-open sessions as required to accommodate new connection requests. Do not set Maximum Incomplete High to lower than the current Maximum Incomplete Low number. | 100 existing half-open sessions. The above values cause the ZyXEL Device to start deleting half-open sessions when the number of existing half-open sessions rises above 100, and to stop deleting half-open sessions when the number of existing half-open sessions drops below 80. |
| TCP Maximum Incomplete | This is the number of existing half-open TCP sessions with the same destination host IP address that causes the firewall to start dropping half-open sessions to that same destination host IP address. Enter a number between 1 and 256. As a general rule, you should choose a smaller number for a smaller network, a slower system or limited bandwidth. | 30 existing half-open TCP sessions. |
| Action taken when the TCP Maximum Incomplete reached threshold | | |
| Delete the Oldest Half Open Session when New Connection Request Comes. | Select this radio button to clear the oldest half open session when a new connection request comes. | |
| Deny New Connection Request for | Select this radio button and specify for how long the ZyXEL Device should block new connection requests when TCP Maximum Incomplete is reached. Enter the length of blocking time in minutes (between 1 and 256). | |
| Apply | Click Apply to save your changes back to the ZyXEL Device. | |
| Cancel | Click Cancel to begin configuring this screen afresh. | |
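
How Maximum Incomplete High/Low and TCP Maximum Incomplete interact, as an added Python model that is not ZyXEL code. It assumes that one oldest session is deleted per new request while the device is deleting and that the per-destination limit triggers at the configured count; the class, its method names and the 192.0.2.x addresses are constructed for illustration.

```python
from collections import deque

class HalfOpenTracker:
    """Toy model of the thresholds in the table (not ZyXEL firmware code)."""

    def __init__(self, high=100, low=80, tcp_max=30,
                 action="delete_oldest", deny_minutes=1):
        if high < low:
            raise ValueError("Maximum Incomplete High is lower than Low")
        self.high, self.low, self.tcp_max = high, low, tcp_max
        self.action, self.deny_seconds = action, deny_minutes * 60
        self.sessions = deque()   # (dst_ip, session_id), oldest first
        self.deleting = False     # set above High, cleared below Low
        self.blocked_until = {}   # dst_ip -> end of the deny period (seconds)

    def _update_mode(self):
        n = len(self.sessions)
        if n > self.high:
            self.deleting = True
        elif n < self.low:
            self.deleting = False  # between Low and High the mode is unchanged

    def syn(self, now, dst, sid):
        """Handle a new connection request at time `now` (seconds)."""
        if now < self.blocked_until.get(dst, 0):
            return "deny"
        same_dst = [s for s in self.sessions if s[0] == dst]
        if len(same_dst) >= self.tcp_max:        # TCP Maximum Incomplete reached
            if self.action == "deny":
                self.blocked_until[dst] = now + self.deny_seconds
                return "deny"
            self.sessions.remove(same_dst[0])    # oldest to this destination
        elif self.deleting and self.sessions:
            self.sessions.popleft()              # assumption: one deletion per request
        self.sessions.append((dst, sid))
        self._update_mode()
        return "accept"

    def established(self, dst, sid):
        """Handshake completed, so the session is no longer half-open."""
        if (dst, sid) in self.sessions:
            self.sessions.remove((dst, sid))
        self._update_mode()

if __name__ == "__main__":
    fw = HalfOpenTracker()                       # defaults from the table
    for i in range(102):                         # constructed traffic, distinct hosts
        fw.syn(0, f"192.0.2.{i}", i)
    print(len(fw.sessions), fw.deleting)
```

The gap between the Low and High values is what keeps the device from flapping in and out of deletion mode when the session count hovers near a single limit.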