ZyXEL p-660h-61 사용자 가이드

Prestige 660H Series User’s Guide 

Firewall Configuration 

        11-3 

♦ 

If the Blocking Time timeout is 0 (the default), then the Prestige deletes the oldest existing 
half-open session for the host for every new connection request to the host. This ensures that 
the number of half-open sessions to a given host will never exceed the threshold.  

♦ 

If the Blocking Time timeout is greater than 0, then the Prestige blocks all new connection 
requests to the host giving the server time to handle the present connections. The Prestige 
continues to block all new connection requests until the Blocking Time expires.  

The Prestige also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values 
specified for the threshold and timeout apply to all TCP connections. Click Firewall, and Alert to 
bring up the next screen. 

 

The following table describes the labels in this screen. 

Generate alert 
when attack 
detected  

Select this check box to generate an alert whenever an attack is detected.  

 

Denial of Services Thresholds  

One Minute Low  

This is the rate of new half-open sessions that causes the firewall to stop deleting half-
open sessions.  
The Prestige continues to delete half-open sessions as necessary, until the rate of new 
connection attempts drops below this number. "80" is the default. 

One Minute High  

This is the rate of new half-open sessions that causes the firewall to start deleting half-
open sessions. The default is "100". When the rate of new connection attempts rises 
above this number, the Prestige deletes half-open sessions as required to accommodate 
new connection attempts. The Prestige stops deleting half-open sessions when the 
number is less than the One Minute Low.