Table 15-3 Attack Alert - ZyXEL Communications ZyWALL 10 User Manual

ZyWALL 10 Internet Security Gateway
Field
Generate alert when
attack detected
Denial of Services Thresholds
One Minute Low
One Minute High
Maximum Incomplete
Low
Maximum Incomplete
High
15-10

Table 15-3 Attack Alert

Description
A detected attack automatically generates
a log entry. Check this box to generate an
alert (as well as a log) whenever an attack
is detected. See section 15.3 for more
information on logs and alerts.
This is the rate of new half-open sessions
that causes the firewall to stop deleting
half-open sessions. The ZyWALL
continues to delete half-open sessions as
necessary, until the rate of new
connection attempts drops below this
number.
This is the rate of new half-open sessions
that causes the firewall to start deleting
half-open sessions. When the rate of new
connection attempts rises above this
number, the ZyWALL deletes half-open
sessions as required to accommodate
new connection attempts.
This is the number of existing half-open
sessions that causes the firewall to stop
deleting half-open sessions. The ZyWALL
continues to delete half-open requests as
necessary, until the number of existing
half-open sessions drops below this
number.
This is the number of existing half-open
sessions that causes the firewall to start
deleting half-open sessions. When the
number of existing half-open sessions
Default Values
80 existing half-open
sessions
100 half-open sessions
per minute. The above
numbers cause the
ZyWALL to start deleting
half-open sessions when
more than 100 session
establishment attempts
have been detected in the
last minute, and to stop
deleting half-open
sessions when fewer than
80 session establishment
attempts have been
detected in the last
minute.
80 existing half-open
sessions
100 half-open sessions
per minute. The above
values causes the
ZyWALL to start deleting
Introducing the ZyWALL Web Configurator