Filter
Top Products
ZyWALL 2 Series User’s Guide
Firewall Screens 11-23
Table 11-6 Attack Alert
LABEL DESCRIPTION DEFAULT VALUES
Generate alert when
attack detected
A detected attack automatically generates a
log entry. Check this box to generate an alert
(as well as a log) whenever an attack is
detected. See the chapter on logs for more
information on logs and alerts.
Denial of Service Thresholds
One Minute Low This is the rate of new half-open sessions that
causes the firewall to stop deleting half-open
sessions. The ZyWALL continues to delete
half-open sessions as necessary, until the
rate of new connection attempts drops below
this number.
80 existing half-open sessions.
One Minute High This is the rate of new half-open sessions that
causes the firewall to start deleting half-open
sessions. When the rate of new connection
attempts rises above this number, the
ZyWALL deletes half-open sessions as
required to accommodate new connection
attempts.
100 half-open sessions per
minute. The above numbers
cause the ZyWALL to start
deleting half-open sessions when
more than 100 session
establishment attempts have
been detected in the last minute,
and to stop deleting half-open
sessions when fewer than 80
session establishment attempts
have been detected in the last
minute.
Maximum Incomplete
Low
This is the number of existing half-open
sessions that causes the firewall to stop
deleting half-open sessions. The ZyWALL
continues to delete half-open requests as
necessary, until the number of existing half-
open sessions drops below this number.
80 existing half-open sessions.