General Information on Session Monitor

The Session Monitor allows an administrator, with session limit authority, to control the number of concurrent sessions on a Managed Firewall.

Maximum TCP Sessions

To configure the Maximum TCP sessions that are allowed on the Managed Firewall, choose one of the following:

Number (Max. TCP)

If "Maximum TCP Sessions" is set to "Specify Number", enter the number in this field.

Maximum UDP Sessions

To configure the Maximum UDP sessions that are allowed on the Managed Firewall, choose one of the following:

Number (Max. UDP)

If "Maximum UDP Sessions" is set to "Specify Number", enter the number in this field.

Maximum Sessions Total

If both Maximum Session fields are set to "Specify Number", the total of these two numbers is displayed in this field.

TCP No Activity Timeout

This field identifies how much time can pass, with no activity, before the session is ended.

UDP No Activity Timeout

This field identifies how much time can pass, with no activity, before the session is ended.

Grace

Grace refers to whether the Maximum Session numbers should be strictly adhered to. If "No" is selected, any session type requests over the maximum are denied. If "Yes" is selected, any session type requests over the maximum session type value will be allowed. In this case, the administrator may just want to log when the session limit is reached.

Log When Session Limit Reached

Use this field to specify if logging should occur when the TCP or UDP limit is exceeded. As logging for excessive sessions can impact firewall performance, this field allows the administrator to turn logging on or off depending on his or her particular situation. If logging is set to "Yes", and "Grace" is set to "No", an error message will be written to the log. If logging is set to "Yes", and "Grace" is set to "Yes", a warning message will be written to the log.

OK

Press the "OK" button to save changes and close the window.

Cancel

Press the "Cancel" button to close the window without saving any changes.