DefensePro User Guide
Basic Device Configuration
Document ID: RDWR-DP-V0602_UG1201
77
Configuring Security Tuning
The security tables store information about sessions passing through the device and their sizes,
correlating them to the number of sessions. Some tables store Layer 3 information for every source-
destination address pair of traffic going through the device requiring an entry for each combination.
Some tables keep information about Layer 4 sessions. Every combination of source address, source
port, destination address and destination port requires its own entry in the table.
Note:
Layer 4 tables are larger than Layer 3 tables. TCP clients, using HTTP, may open several
TCP sessions to one destination address.
Each security table is responsible for clearing tables of old entries that are no longer required, and
ensuring that traffic is properly classified and inspected.
To configure security tuning
1. In the Configuration perspective Advanced Parameters tab navigation pane, select Tuning
Parameters > Security.
2. Configure the tuning parameters.
SIP Call Table
The maximum number of SIP calls the device can track.
Values: 16–256,000
Default: 1024
TCP Segmentation Table
The maximum number of TCP Segments. This parameter is
used when SIP Protocol is enabled and SIP is running over TCP.
Values: 1–32,768
Default: 256
Table 23: Security Tuning Parameters
Parameter
Description
Max. Number of HTTP Mitigator
Suspect Sources
The maximum number of suspect sources in HTTP Mitigation
policies.
Values: 1000–500,000
Default: 100,000
Max. Number of Server
Protection Servers
The maximum number of entries in the Server Protection policy.
Values: 100–10,000
Default: 350
Max. Number of BDoS Policies
The maximum number of configurable Behavioral DoS policies.
Values: 1–100
Default: 10
Table 22: Device Tuning Parameters
Parameter
Description
Summary of Contents for DefensePro 6.02
Page 1: ...DefensePro User Guide Software Version 6 02 Document ID RDWR DP V0602_UG1201 January 2012 ...
Page 2: ...DefensePro User Guide 2 Document ID RDWR DP V0602_UG1201 ...
Page 20: ...DefensePro User Guide 20 Document ID RDWR DP V0602_UG1201 ...
Page 28: ...DefensePro User Guide Table of Contents 28 Document ID RDWR DP V0602_UG1201 ...
Page 116: ...DefensePro User Guide Device Network Configuration 116 Document ID RDWR DP V0602_UG1201 ...
Page 302: ...DefensePro User Guide Real Time Security Reporting 302 Document ID RDWR DP V0602_UG1201 ...
Page 308: ...DefensePro User Guide Administering DefensePro 308 Document ID RDWR DP V0602_UG1201 ...
Page 324: ...DefensePro User Guide Troubleshooting 324 Document ID RDWR DP V0602_UG1201 ...