LABEL
Generate alert when
attack detected
Denial of Service Thresholds
One Minute Low
One Minute High
Maximum Incomplete
Low
Firewall Screens
Table 11-6 Attack Alert
DESCRIPTION
A detected attack automatically generates a
log entry. Check this box to generate an alert
(as well as a log) whenever an attack is
detected. See the chapter on logs for more
information on logs and alerts.
This is the rate of new half-open sessions that
causes the firewall to stop deleting half-open
sessions. The ZyWALL continues to delete
half-open sessions as necessary, until the
rate of new connection attempts drops below
this number.
This is the rate of new half-open sessions that
causes the firewall to start deleting half-open
sessions. When the rate of new connection
attempts rises above this number, the
ZyWALL deletes half-open sessions as
required to accommodate new connection
attempts.
This is the number of existing half-open
sessions that causes the firewall to stop
deleting half-open sessions. The ZyWALL
continues to delete half-open requests as
necessary, until the number of existing half-
open sessions drops below this number.
ZyWALL 2 Series User's Guide
DEFAULT VALUES
80 existing half-open sessions.
100 half-open sessions per
minute. The above numbers
cause the ZyWALL to start
deleting half-open sessions when
more than 100 session
establishment attempts have
been detected in the last minute,
and to stop deleting half-open
sessions when fewer than 80
session establishment attempts
have been detected in the last
minute.
80 existing half-open sessions.
11-23