General Information on Session Monitor
The Session Monitor allows an administrator, with session limit authority, to
control the number of concurrent sessions on a Managed Firewall.
Maximum TCP Sessions
To configure the Maximum TCP sessions that are allowed on the Managed Firewall, choose one of the
following:
- Specify Number -- Choose this option to place an upper limit
on TCP sessions. If this option is chosen, type in the number in the
field below.
- Unlimited -- Choose this option if you do not wish to place
an upper limit on TCP Sessions.
Number (Max. TCP)
If "Maximum TCP Sessions" is set to "Specify Number", enter the number
in this field.
Maximum UDP Sessions
To configure the Maximum UDP sessions that are allowed on the Managed Firewall, choose one of the
following:
- Specify Number -- Choose this option to place an upper limit
on UDP sessions. If this option is chosen, type in the number in the
field below.
- Unlimited -- Choose this option if you do not wish to place
an upper limit on UDP Sessions.
Number (Max. UDP)
If "Maximum UDP Sessions" is set to "Specify Number", enter the number
in this field.
Maximum Sessions Total
If both Maximum Session fields are set to "Specify Number", the
total of these two numbers is displayed in this field.
TCP No Activity Timeout
This field identifies how much time can pass, with no activity, before
the session is ended.
UDP No Activity Timeout
This field identifies how much time can pass, with no activity, before
the session is ended.
Grace
Grace refers to whether the Maximum Session numbers should be
strictly adhered to. If "No" is selected, any session type requests
over the maximum are denied. If "Yes" is selected, any session type
requests over the maximum session type value will be allowed. In this
case, the administrator may just want to log when the session limit is
reached.
Log When Session Limit Reached
Use this field to specify if logging should occur when the TCP or UDP limit
is exceeded. As logging for excessive sessions can impact firewall performance,
this field allows the administrator to turn logging on or off depending on
his or her particular situation. If logging is set to "Yes", and "Grace" is set
to "No", an error message will be written to the log.
If logging is set to "Yes", and "Grace" is set
to "Yes", a warning message will be written to the log.
OK
Press the "OK" button to save changes and close the window.
Cancel
Press the "Cancel" button to close the window without saving any changes.