Configure advanced properties for Layer 2 Firewall interfaces

Advanced settings allow you to configure SYN Rate Limits and Log Compression on the Layer 2 Firewall’s interfaces.

SYN Rate Limits are applied to TCP connections. Each TCP connection starts with a SYN packet. If the SYN Rate Limits defined for the Layer 2 Firewall are reached, the Layer 2 Firewall drops new TCP connections.

Log Compression is useful when the number of Discard logs becomes high (for example, as a result of a SYN flood attack).

Note: The SYN Rate Limits and Log Compression settings in the interface properties override the Layer 2 Firewall’s general SYN Rate Limits and Log Compression settings that are defined on the Advanced tab in the Layer 2 Firewall and Layer 2 Firewall Cluster properties.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click a Layer 2 Firewall and select Edit Layer 2 Firewall.
    The Engine Editor opens.
  2. In the navigation pane on the left, select Interfaces.
    The Interfaces pane opens on the right.
  3. Right-click a Physical Interface or a VLAN Interface and select Edit Physical Interface or Edit VLAN Interface.
    The properties dialog box for the interface opens.
  4. Switch to the Advanced tab.
  5. Select Override Engine’s Default Settings.
    The options for SYN Rate Limits and Log Compression are enabled.
  6. (Optional) Define the SYN Rate Limits.
    CAUTION:
    The recommended values for the SYN Rate Limits depend on your network environment. If the Custom settings are not carefully configured, the capacity of the engine might suffer or SYN Rate Limits might not work correctly.
  7. (Optional) Enable Log Compression and enter values for the Discard entries.

    Do not enable Log Compression if you want all the Discard entries to be logged as separate log entries (for example, for reporting purposes or for engine statistics).

    By default, each generated Discard log entry is logged separately and displayed as a separate entry in the Logs view. Log Compression settings allow you to define the maximum number of separately logged entries. When the defined limit is reached, a single Discard log entry is logged. The single entry contains information on the total number of the generated Discard log entries. After this, the logging returns to normal and all the generated entries are once more logged and displayed separately.

  8. Click OK.
  9. Click Save and Refresh to transfer the configuration changes.
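
The Log Compression behavior described in step 7, modeled as an added example (this is not product code or product log output). It assumes the limit is counted per one-second window and that the summary entry carries the number of entries it replaces; the field names, event tuples, and addresses are constructed for illustration.

```python
from collections import Counter

def compress_discards(events, max_separate):
    """Model of Log Compression. events: (second, src_ip) Discard events.
    ASSUMPTION: the limit applies per one-second window."""
    by_second = {}
    for sec, src in events:
        by_second.setdefault(sec, []).append(src)
    log = []
    for sec in sorted(by_second):
        srcs = by_second[sec]
        # Up to max_separate entries are logged individually.
        for src in srcs[:max_separate]:
            log.append({"t": sec, "type": "discard", "src": src})
        # Limit reached: one summary entry stands in for the rest.
        # ASSUMPTION: it carries the count of entries it replaces.
        folded = len(srcs) - max_separate
        if folded > 0:
            log.append({"t": sec, "type": "summary", "count": folded})
        # The next window starts with separate logging again.
    return log

def total_discards(log):
    """Recover the real Discard count: a summary entry counts as many."""
    return sum(e.get("count", 1) for e in log)

def visible_sources(log):
    """Sources that can still be attributed after compression."""
    return Counter(e["src"] for e in log if e["type"] == "discard")

# Constructed sample: quiet second, one-second SYN flood, quiet second.
SAMPLE_EVENTS = (
    [(0, "192.0.2.10")] * 3
    + [(1, f"198.51.100.{i % 250 + 1}") for i in range(1000)]
    + [(2, "192.0.2.10")] * 2
)

if __name__ == "__main__":
    log = compress_discards(SAMPLE_EVENTS, max_separate=5)
    true_sources = len({src for _, src in SAMPLE_EVENTS})
    print("log entries written :", len(log))
    print("discards represented:", total_discards(log))
    print("sources visible     :", len(visible_sources(log)), "of", true_sources)
```

The totals survive compression, but per-source detail for the folded entries does not, which is why the step advises against enabling it when every Discard entry is needed for reporting or statistics.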