Table of Contents
Advertisement
10-24 Firewall Screens
Table 10-6 Attack Alert
LABEL
TCP Maximum
This is the number of existing half-open TCP
Incomplete
sessions with the same destination host IP
address that causes the firewall to start
dropping half-open sessions to that same
destination host IP address. Enter a number
between 1 and 256. As a general rule, you
should choose a smaller number for a smaller
network, a slower system or limited
bandwidth.
Blocking Period
When TCP Maximum Incomplete is reached
you can choose if the next session should be
allowed or blocked. If you check Blocking
Period any new sessions will be blocked for
the length of time you specify in the next field
(min) and all old incomplete sessions will be
cleared during this period. If you want strong
security, it is better to block the
traffic for a short time, as it will give the server
some time to digest the loading.
(min)
Enter the length of Blocking Period in
minutes.
Apply
Click Apply to save your changes back to the Contivity 221.
Reset
Click Reset to begin configuring this screen afresh.
317517-A Rev 00
DESCRIPTION
DEFAULT VALUES
10 existing half-open TCP
sessions.
Select this check box to specify a
number in minutes (min) text
box.
0
Advertisement
Table of Contents
