DefensePro User Guide
Security Configuration
Document ID: RDWR-DP-V0602_UG1201
203
To configure global ACL settings
1. In the Configuration perspective ACL tab navigation pane, select ACL Policy > Global
Settings.
2. Configure the parameters; and then, click
(Submit) to submit the changes.
Table 104: Global ACL Parameters
Parameter
Description
Global Settings
Enable ACL
Specifies whether the ACL feature is enabled.
When you change this setting, the device requires an immediate
reboot.
Default: Disabled
Caution:
The default configuration of the Default ACL policy blocks
all traffic.
Learning Period
The time, in seconds, the device takes to learn existing sessions
before starting the protection.
During the learning period, the device accepts all sessions regardless
of any “unknown” direction.
However, for the following cases, ACL will treat the session according
to the configured policies:
•
A new TCP session that starts with a SYN packet
•
A new ICMP session that starts with a request packet
Values:
•
0—The protection starts immediately
•
1–max integer
Default: 600
TCP Handshake Timeout
The time, in seconds, the device waits for the three-way handshake
to complete before the device drops the session.
TCP Timeout in Established
State
The time, in seconds, an idle session remains in the Session table. If
the device receives packets for a timed-out, discarded session, the
device considers the packets to be out-of-state and drops them.
Values: 60–7200
Default: 3600
TCP FIN Timeout
The time, in seconds, the session remains in the Session table after
the device receives a FIN packet from both sides (from the client and
from the server).
Values: 1–600
Default: 10
TCP RST Timeout
The time, in seconds, the session remains in the Session table after
the device receives a TCP RST packet for the session.
Values: 1–600
Default: 30
Summary of Contents for DefensePro 6.02
Page 1: ...DefensePro User Guide Software Version 6 02 Document ID RDWR DP V0602_UG1201 January 2012 ...
Page 2: ...DefensePro User Guide 2 Document ID RDWR DP V0602_UG1201 ...
Page 20: ...DefensePro User Guide 20 Document ID RDWR DP V0602_UG1201 ...
Page 28: ...DefensePro User Guide Table of Contents 28 Document ID RDWR DP V0602_UG1201 ...
Page 116: ...DefensePro User Guide Device Network Configuration 116 Document ID RDWR DP V0602_UG1201 ...
Page 302: ...DefensePro User Guide Real Time Security Reporting 302 Document ID RDWR DP V0602_UG1201 ...
Page 308: ...DefensePro User Guide Administering DefensePro 308 Document ID RDWR DP V0602_UG1201 ...
Page 324: ...DefensePro User Guide Troubleshooting 324 Document ID RDWR DP V0602_UG1201 ...