Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual page 106

Configuring intrusion detection and prevention devices guide
Table 49: IDP Device Configuration: Run-Time Parameters (continued)
Setting: Flow Management
Description:
Timeout (seconds) for non-UDP/TCP/ICMP flows – Each connection through the security module typically has two non-UDP/TCP/ICMP flows, one in each direction. If IDP does not see flow activity for the specified timeout, it removes the idle flow from the flow table. The default is 30 seconds.
Timeout (seconds) for UDP flows – Each connection through the security module typically has two UDP flows, one in each direction. If IDP does not see flow activity for the specified timeout, it removes the idle flow from the flow table. The default is 30 seconds.
Timeout (seconds) for TCP flows – Each connection through the security module typically has two TCP flows, one in each direction. If IDP does not see flow activity for the specified timeout, it removes the idle flow from the flow table. The default is 30 seconds.
Timeout (seconds) for ICMP flows – Each connection through the security module typically has two ICMP flows, one in each direction. If IDP does not see flow activity for the specified timeout, it removes the idle flow from the flow table. The default is 30 seconds.
Maximum TCP Sessions – Controls the maximum number of TCP sessions that IDP maintains. If IDP reaches the maximum, it drops all new sessions and writes a SESSION_LIMIT_EXCEEDED log. Defaults vary according to model.
Maximum UDP Sessions – Controls the maximum number of UDP sessions that IDP maintains. If IDP reaches the maximum, it drops all new sessions and writes a SESSION_LIMIT_EXCEEDED log. Defaults vary according to model.
Maximum ICMP Sessions – Controls the maximum number of ICMP sessions that IDP maintains. If IDP reaches the maximum, it drops all new sessions and writes a SESSION_LIMIT_EXCEEDED log. Defaults vary according to model.
Maximum IP (non-UDP/TCP/ICMP) sessions – Controls the maximum number of IP sessions that IDP maintains. If IDP reaches the maximum, it drops all new sessions and writes a SESSION_LIMIT_EXCEEDED log. Defaults vary according to model.
Reset flow table with policy load/unload – Enables IDP to reset the flow table each time you load or unload a security policy. If you do not enable this option, IDP maintains the flow table until all flows referencing that security policy go away. This setting is enabled by default. We recommend that you keep this setting enabled to preserve memory.
Log flow related errors – Enables logging for flow-related errors. This setting is not enabled by default.

Setting: IP Actions
Description:
Reset block table with policy load/unload – Allows the IDP device to reset the block table each time a security policy loads or unloads. The block table maintains the state of active IP actions. This setting is enabled by default.
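
The Python model below is an added illustration, not Juniper code and not how IDP is implemented internally: it shows how the idle-flow timeouts and the per-protocol session maximums in Table 49 interact. The class and function names, the cap of 2 sessions, the sample addresses and the layout of the log tuple are assumptions made for the example.

```python
class FlowTable:
    """Toy model of a flow table with idle timeouts and session caps."""

    def __init__(self, timeout, max_sessions):
        self.timeout = timeout            # protocol -> idle timeout (seconds)
        self.max_sessions = max_sessions  # protocol -> session cap
        self.flows = {}                   # (proto, src, dst) -> last-seen time
        self.logs = []                    # constructed log tuples

    def expire(self, now):
        """Remove every flow that has been idle for its protocol's timeout."""
        idle = [k for k, seen in self.flows.items()
                if now - seen >= self.timeout[k[0]]]
        for k in idle:
            del self.flows[k]

    def sessions(self, proto):
        """Count sessions: endpoint pairs with at least one live flow."""
        return len({frozenset(k[1:]) for k in self.flows if k[0] == proto})

    def packet(self, now, proto, src, dst):
        """Return True if accepted, False if a new session is dropped."""
        self.expire(now)
        fwd, rev = (proto, src, dst), (proto, dst, src)
        if fwd in self.flows or rev in self.flows:
            self.flows[fwd] = now  # activity resets this flow's idle timer
            return True
        if self.sessions(proto) >= self.max_sessions[proto]:
            self.logs.append((now, "SESSION_LIMIT_EXCEEDED", proto, src, dst))
            return False
        self.flows[fwd] = self.flows[rev] = now  # one flow per direction
        return True


def demo():
    # Constructed input: 30 s TCP timeout (the default stated in the table)
    # and a cap of 2 sessions (an assumption; real defaults vary by model).
    table = FlowTable(timeout={"tcp": 30}, max_sessions={"tcp": 2})
    server = "192.0.2.10:443"
    events = [(0, "198.51.100.1:40001"), (1, "198.51.100.2:40002"),
              (2, "198.51.100.3:40003"),   # third session: over the cap
              (10, "198.51.100.1:40001"),  # keeps client 1's flow alive
              (31, "198.51.100.3:40003")]  # client 2 has aged out by now
    results = [table.packet(t, "tcp", src, server) for t, src in events]
    return results, table.logs


if __name__ == "__main__":
    print(demo())
```

In the model, the third client is refused only while the table is full; once an idle session ages out, the same client is accepted, which is why lowering a timeout or raising a maximum changes how often SESSION_LIMIT_EXCEEDED appears.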
Copyright © 2010, Juniper Networks, Inc.
