P-660HW-T v2 User's Guide
10.10.3 Configuring Firewall Thresholds
The ZyXEL Device also sends alerts whenever TCP Maximum Incomplete is exceeded. The
global values specified for the threshold and timeout apply to all TCP connections.
Click Firewall, and Threshold to bring up the next screen.
Figure 94 Firewall: Threshold
The following table describes the labels in this screen.
Table 59 Firewall: Threshold
LABEL
Denial of Service
Thresholds
One Minute Low
One Minute High
168
DESCRIPTION
This is the rate of new half-open sessions that
causes the firewall to stop deleting half-open
sessions. The ZyXEL Device continues to
delete half-open sessions as necessary, until
the rate of new connection attempts drops
below this number.
This is the rate of new half-open sessions that
causes the firewall to start deleting half-open
sessions. When the rate of new connection
attempts rises above this number, the ZyXEL
Device deletes half-open sessions as
required to accommodate new connection
attempts.
DEFAULT VALUES
80 existing half-open sessions.
100 half-open sessions per minute.
The above numbers cause the
ZyXEL Device to start deleting half-
open sessions when more than
100 session establishment
attempts have been detected in the
last minute, and to stop deleting
half-open sessions when fewer
than 80 session establishment
attempts have been detected in the
last minute.
Chapter 10 Firewall Configuration