Managing System Services
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|394
• Disable inspection for this service – Select this checkbox to disable deep inspection of traffic matching this service. This option is only available for built-in services.
3. In the Advanced tab, enter information in the fields that apply to the type of service you
selected. Note that not all fields may show depending on the service type.
General
• Session timeout (in seconds) - Time in seconds before the session times out.
• Use source port - Select this option and enter a port number for the client side service. If specified, only those source port numbers are accepted, dropped, or rejected when inspecting packets of this service. Otherwise, the source port is not inspected.
• Accept replies (relevant for non-TCP services) - When cleared, server to client packets are treated as a different connection.
• Match (a highly advanced option to be used only by Check Point Support).
Connection handling
• Keep connections open after policy has been installed - Even if they are not allowed under the new policy. If you change this setting, the change does not affect open connections, but only future connections.
• Synchronize connections on cluster - Enables state-synchronized High Availability or Load Sharing on a cluster. Of the services allowed by the Rule Base, only those with Synchronize connections on cluster are synchronized as they pass through the cluster. By default, all new and existing services are synchronized.
• Start synchronizing X seconds after the connection was initiated - For TCP services, enable this option to delay telling the Quantum Spark Appliance about a connection so that the connection is only synchronized if it still exists in X seconds after the connection is initiated. Some TCP services (HTTP for example) are characterized by connections with a very short duration. There is no point in synchronizing these connections because every synchronized connection consumes gateway resources, and the connection is likely to have finished by the time a failover occurs.
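The trade-off behind the delayed-synchronization option, as an added example that is not part of the guide or of Check Point's software: a small model that counts how many connections get synchronized for a given delay X and which open connections would be covered at a failover. The `Conn` type, the function names, the sample connections and the assumption that an unsynchronized connection does not survive failover are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Conn:
    name: str
    start: float  # seconds, when the connection was initiated
    end: float    # seconds, when the connection closed

def synced_at(conn, delay):
    """Time the connection is synchronized, or None if it closed before then."""
    t = conn.start + delay
    # Synchronized only if the connection still exists `delay` seconds after start.
    return t if conn.end > t else None

def evaluate(conns, delay, failover_at):
    """Return (sync_count, survived, lost) for a failover at `failover_at`.

    Assumption of this model: an open connection that was never synchronized
    is lost when the other cluster member takes over.
    """
    sync_count, survived, lost = 0, [], []
    for c in conns:
        t = synced_at(c, delay)
        if t is not None:
            sync_count += 1  # each synchronized connection costs gateway resources
        if c.start <= failover_at < c.end:  # open at the moment of failover
            covered = t is not None and t <= failover_at
            (survived if covered else lost).append(c.name)
    return sync_count, survived, lost

# Constructed sample: three short HTTP requests and two long-lived sessions.
CONNS = [
    Conn("http-1", 0.0, 0.4),
    Conn("http-2", 1.0, 1.3),
    Conn("http-3", 9.5, 9.9),
    Conn("ssh-1", 2.0, 600.0),
    Conn("db-1", 8.0, 300.0),
]

if __name__ == "__main__":
    for delay in (0, 3):
        count, ok, dropped = evaluate(CONNS, delay, failover_at=10.0)
        print(f"X={delay}s synchronized={count} survived={ok} lost={dropped}")
```

With X = 3 the three short HTTP connections are never synchronized, but in this model the session that started 2 seconds before the failover is not yet covered, so the delay should stay short relative to the lifetime of connections that must survive a failover.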