ZyXEL p-660h-61 Betriebsanweisung
![ZyXEL](https://files.manualsbrain.com/attachments/3214a2e9b754be0b3a733d7fd22528bce8dfdece/common/fit/150/50/aafad0ddc2d0e29fd47cd3dd2d9b75f1e404d4f49531d3941fba34789d6b/brand_logo.jpeg)
Prestige 660H Series User’s Guide
Firewall Configuration
11-3
♦
If the Blocking Time timeout is 0 (the default), then the Prestige deletes the oldest existing
half-open session for the host for every new connection request to the host. This ensures that
the number of half-open sessions to a given host will never exceed the threshold.
half-open session for the host for every new connection request to the host. This ensures that
the number of half-open sessions to a given host will never exceed the threshold.
♦
If the Blocking Time timeout is greater than 0, then the Prestige blocks all new connection
requests to the host giving the server time to handle the present connections. The Prestige
continues to block all new connection requests until the Blocking Time expires.
requests to the host giving the server time to handle the present connections. The Prestige
continues to block all new connection requests until the Blocking Time expires.
The Prestige also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values
specified for the threshold and timeout apply to all TCP connections. Click Firewall, and Alert to
bring up the next screen.
specified for the threshold and timeout apply to all TCP connections. Click Firewall, and Alert to
bring up the next screen.
Figure 11-2 Alert
The following table describes the labels in this screen.
Table 11-1 Alert
LABEL DESCRIPTION
Generate alert
when attack
detected
when attack
detected
Select this check box to generate an alert whenever an attack is detected.
Denial of Services Thresholds
One Minute Low
This is the rate of new half-open sessions that causes the firewall to stop deleting half-
open sessions.
The Prestige continues to delete half-open sessions as necessary, until the rate of new
connection attempts drops below this number. "80" is the default.
open sessions.
The Prestige continues to delete half-open sessions as necessary, until the rate of new
connection attempts drops below this number. "80" is the default.
One Minute High
This is the rate of new half-open sessions that causes the firewall to start deleting half-
open sessions. The default is "100". When the rate of new connection attempts rises
above this number, the Prestige deletes half-open sessions as required to accommodate
new connection attempts. The Prestige stops deleting half-open sessions when the
number is less than the One Minute Low.
open sessions. The default is "100". When the rate of new connection attempts rises
above this number, the Prestige deletes half-open sessions as required to accommodate
new connection attempts. The Prestige stops deleting half-open sessions when the
number is less than the One Minute Low.