ZyXEL Prestige 202H Plus ISDN Router 91-003-154001B Manuale Utente
Codici prodotto
91-003-154001B
P-202H Plus v2 User’s Guide
Chapter 9 Firewall Configuration
90
9.3 Attack Alert
Attack alerts are real-time reports of DoS attacks. In the Alert screen, shown later, you may
choose to generate an alert whenever an attack is detected. For DoS attacks, the ZyXEL
Device uses thresholds to determine when to drop sessions that do not become fully
established. These thresholds apply globally to all sessions.
choose to generate an alert whenever an attack is detected. For DoS attacks, the ZyXEL
Device uses thresholds to determine when to drop sessions that do not become fully
established. These thresholds apply globally to all sessions.
You can use the default threshold values, or you can change them to values more suitable to
your security requirements.
your security requirements.
9.3.1 Alerts
Alerts are reports on events, such as attacks, that you may want to know about right away. You
can choose to generate an alert when an attack is detected in the Alert screen (
can choose to generate an alert when an attack is detected in the Alert screen (
- select the Generate alert when attack detected checkbox) or when a rule is
matched in the Edit Rule screen (see
). When an event generates an alert,
a message can be immediately sent to an e-mail account that you specify in the E-mail screen
(see the chapter on E-mail).
(see the chapter on E-mail).
9.3.2 Threshold Values
Tune these parameters when something is not working and after you have checked the firewall
counters. These default values should work fine for most small offices. Factors influencing
choices for threshold values are:
counters. These default values should work fine for most small offices. Factors influencing
choices for threshold values are:
• The maximum number of opened sessions.
• The minimum capacity of server backlog in your LAN network.
• The CPU power of servers in your LAN network.
• Network bandwidth.
• Type of traffic for certain servers.
• The minimum capacity of server backlog in your LAN network.
• The CPU power of servers in your LAN network.
• Network bandwidth.
• Type of traffic for certain servers.
If your network is slower than average for any of these factors (especially if you have servers
that are slow or handle many tasks and are often busy), then the default values should be
reduced.
that are slow or handle many tasks and are often busy), then the default values should be
reduced.
You should make any changes to the threshold values before you continue configuring
firewall rules.
firewall rules.
Apply
Click Apply to save your changes back to the ZyXEL Device.
Cancel
Click Cancel to return to the previously saved settings.
Table 21 Firewall > E-mail (continued)
LABEL
DESCRIPTION