Configure advanced properties for Virtual NGFW Engine interfaces
Advanced settings allow you to configure SYN Rate Limits and Log Compression on the interfaces of a Virtual NGFW Engine. You can also configure IPv6 Router Advertisements on a Virtual Firewall’s interfaces.
SYN Rate Limits are applied to TCP connections. Each TCP connection starts with a SYN packet. If the SYN Rate Limits defined for the Virtual NGFW Engine are reached, the Virtual NGFW Engine drops new TCP connections.
By default, each generated Antispoofing (Virtual Firewalls only) and Discard log entry is logged separately and displayed as a separate entry in the Logs view. Log Compression settings allow you to define the maximum number of separately logged entries. When the defined limit is reached, a single antispoofing log entry or Discard log entry is logged. The single entry contains information about the total number of the generated Antispoofing log entries or Discard log entries. After this log entry, the logging returns to normal and all generated entries are once more logged and displayed separately. Log Compression is useful when the routing configuration generates a large volume of antispoofing logs or the number of Discard logs becomes high.
Router advertisements are packets that contain network layer configuration parameters. Enabling IPv6 Router Advertisements allows devices that connect to the same IPv6 network as the Virtual Firewall to acquire IP addresses automatically. The Router Advertisement messages specify what configuration information the Virtual Firewall has available
For more details about the product and how to configure features, click Help or press F1.