S
ECURITY
4-39
Password Enter your email account password.
Connection Policy
Fragmentation
half-open wait
10 secs Configures the number of seconds that a packet
state structure remains active. When the timeout
value expires, the router drops the unassembled
packet, freeing that structure for use by another
packet.
TCP SYN wait 30 secs Defines how long the software will wait for a TCP
session to reach an established state before
dropping the session.
TCP FIN wait 5 secs Specifies how long a TCP session will be managed
after the firewall detects a FIN-exchange.
TCP connection
idle timeout
3600 secs
(1 hour)
The length of time for which a TCP session will be
managed if there is no activity.
UDP session idle
timeout
30 secs The length of time for which a UDP session will
be managed if there is no activity.
DoS Detect Criteria
Total incomplete
TCP/UDP
sessions HIGH
300
sessions
Defines the rate of new unestablished sessions that
will cause the software to start deleting half-open
sessions.
Total incomplete
TCP/UDP
sessions LOW
250
sessions
Defines the rate of new unestablished sessions that
will cause the software to stop deleting half-open
sessions.
Incomplete
TCP/UDP
sessions (per min.)
HIGH
250
sessions
Maximum number of allowed incomplete
TCP/UDP sessions per minute.
Incomplete
TCP/UDP
sessions (per min.)
LOW
200
sessions
Minimum number of allowed incomplete
TCP/UDP sessions per minute.
Maximum
incomplete
TCP/UDP
sessions number
from same host
10
sessions
Maximum number of incomplete TCP/UDP
sessions from the same host.
Parameter Defaults Description