ZyXEL Communications P-792H v3 - The Firewall Threshold Screen

To Next Page

To Previous Page

Chapter 10 Firewalls

P-79X Series User’s Guide

107

10.4 The Firewall Threshold Screen

For DoS attacks, the P-79X uses thresholds to determine when to start dropping sessions that do

not become fully established (half-open sessions). These thresholds apply globally to all sessions.

For TCP, half-open means that the session has not reached the established state-the TCP three-way

handshake has not yet been completed. Under normal circumstances, the application that initiates

a session sends a SYN (synchronize) packet to the receiving server. The receiver sends back an ACK

(acknowledgment) packet and its own SYN, and then the initiator responds with an ACK

(acknowledgment). After this handshake, a connection is established.

End IP Address Enter the ending IP address in a range here.

Subnet Mask Enter the subnet mask here, if applicable.

Add >> Click Add >> to add a new address to the Source or Destination Address

box. You can add multiple addresses, ranges of addresses, and/or subnets.

Edit << To edit an existing source or destination address, select it from the box and

click Edit <<.

Delete Highlight an existing source or destination address from the Source or

Destination Address box above and click Delete to remove it.

Services

Available/ Selected

Services

Please see Appendix F on page 279 for more information on services available.

Highlight a service from the Available Services box on the left, then click Add

>> to add it to the Selected Services box on the right. To remove a service,

highlight it in the Selected Services box on the right, then click Remove.

Schedule

Day to Apply Select everyday or the day(s) of the week to apply the rule.

Time of Day to

Apply (24-Hour

Format)

Select All Day or enter the start and end times in the hour-minute format to

apply the rule.

Log

Log Packet Detail

Information

This field determines if a log for packets that match the rule is created or not.

Go to the Log Settings page and select the Access Control logs category to

have the P-79X record these logs.

Alert

Send Alert Message

to Administrator

When Matched

Select the check box to have the P-79X generate an alert when the rule is

matched.

Back Click this to return to the previous screen without saving.

Apply Click this to save your changes.

Cancel Click this to restore your previously saved settings.

Table 37 Security > Firewall > Rules: Edit (continued)

LABEL DESCRIPTION

Main Page

ZyXEL Communications P-792H v3 - The Firewall Threshold Screen

Table of Contents

Other manuals for ZyXEL Communications P-792H v3

Related product manuals