Configuring The Network Refresh And Permanent Mac Address Bindings - NETGEAR STM150 - ProSecure Web And Email Threat Management Appliance Reference Manual

ProSecure Web/Email Security Threat Management (STM) Appliance
3. Select the radio buttons, make your selections from the drop-down list, and complete the
fields as explained in the following table:
Table 14. Session Limits Settings
Setting
Session Limits
Do You Want to
Enable per-user
Session Limits?
Session Timeouts
If a session goes without data flow longer than the configured values, the session is terminated.
TCP Timeout
UDP Timeout
ICMP Timeout
4. Click Apply to save your settings. Changing any settings in the Session Timeouts section of
the screen requires the STM to restart. If you click Reset, the STM restarts to restore the
default network settings.
Configuring the Network Refresh and
Permanent MAC Address Bindings
The STM integrates smart virtual MAC address detection to automatically detect virtual MAC
addresses and bind these to an interface. When the network topology changes, a virtual
MAC address might no longer be bound to the original interface. If this situation occurs, the
host to which the virtual MAC address is assigned is no longer able to communicate with
others through the STM. Therefore, the network need to be refreshed to enable the STM to
redetect the virtual MAC address on the correct interface.
Description (or Subfield and Description)
Select the Yes radio button to enable session limits, and then fill in the Limit Type and
Limit Value fields. The No radio button is selected by default.
Limit Type From the Limit Type drop-down list, make one of the following selections:
• Percentage of Maximum Sessions. Session limits are set as a
percentage of the total connection capacity per user.
• Sessions per User. Session limits are set as an absolute number.
Limit Value Depending on the selection in the Limit Type field, this value is a
percentage or an absolute number.
The Total Number of Packets Dropped field, which you cannot configure, shows the total
number of packets that are dropped because the session limit has been exceeded.
The time in seconds after which a TCP session without data flow is terminated. The
default time is 1200 seconds.
The time in seconds after which an UDP session without data flow is terminated. The
default time is 180 seconds.
The time in seconds after which an ICMP session without data flow is terminated. The
default time is 8 seconds.
Chapter 3. Performing Network and System Management | 57