ZyXEL Communications AMG1302-T11C - Firewall Technical Reference; Firewall Rules Overview

ZyXEL Communications AMG1302-T11C

307 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Chapter 15 Firewall

AMG1302-T11C User’s Guide

176

Figure 90 Security > Firewall > DoS > Advanced

The following table describes the labels in this screen.

15.6 Firewall Technical Reference

This section provides some technical background information about the topics covered in this

chapter.

15.6.1 Firewall Rules Overview

Your customized rules take precedence and override the AMG1302-T11C’s default settings. The

AMG1302-T11C checks the source IP address, destination IP address and IP protocol type of

Table 68 Security > Firewall > DoS > Advanced

LABEL DESCRIPTION

TCP SYN-Request

Count

This is the rate of new TCP half-open sessions per second that causes the firewall to

start deleting half-open sessions. When the rate of new connection attempts rises

above this number, the AMG1302-T11C deletes half-open sessions as required to

accommodate new connection attempts.

UDP Packet Count This is the rate of new UDP half-open sessions per second that causes the firewall to

start deleting half-open sessions. When the rate of new connection attempts rises

above this number, the AMG1302-T11C deletes half-open sessions as required to

accommodate new connection attempts.

ICMP Echo-Request

Count

This is the rate of new ICMP Echo-Request half-open sessions per second that causes

the firewall to start deleting half-open sessions. When the rate of new connection

attempts rises above this number, the AMG1302-T11C deletes half-open sessions as

required to accommodate new connection attempts.

ICMP Redirect Select to enable or disable ICMP Redirect Protection.

An ICMP redirect message is a way to change the existing routing path. Generally,

ICMP redirect packets should not be sent, and so when there is the occurrence that

ICMP redirect packets are sent, it is important to note that it is very likely to be used

as a means for a network attack.

DoS Log Select to determines if a log is created or not when the AMG1302-T11C drops

sessions that surpass maximum thresholds.

OK Click this to save your changes.

Cancel Click this to exit this screen without saving.

Table of Contents

Other manuals for ZyXEL Communications AMG1302-T11C

Configuration Guide6 pages

Quick Start Guide2 pages

Related product manuals

Preview: AMG1302-T10A

Preview: AMG1302-T series

AMG1302-T series

Preview: AMG1312-T Series

AMG1312-T Series

AMG1001-T Series

Preview: ZyXEL Communications VDSL2

ZyXEL Communications VDSL2

ZyXEL Communications C1000Z

Preview: ZyXEL Communications 5 Series

ZyXEL Communications 5 Series

Preview: VWG1312-B10A

Preview: ZyWALL USG 50

Preview: ZYWALL USG 20

Preview: VMG1312-B Series

VMG1312-B Series

Preview: ZyWALL USG 100 Series

ZyWALL USG 100 Series